Most serious applications (and distributed microservices style architectures) will require to provide a log aggregation & analysis feature to its dev & operations teams. Reviewing log entires from 10s or 100s of server instances is not something to take lightly. Whether you choose to use a commercial product or an open source offering – that does not matter; just make sure you have one available.
Recently I have been deploying applications using AWS Beanstalk. You can definitely configure CloudWatch Logs to send log streams over to AWS ElasticSearch service. Log messages can be routed to a Lambda function which would break the log messages into individual attributes suitable for indexing. I wanted to try a slightly different route where I depend less on CloudWatch Logs and more on open source tools. Enter filebeat on Beanstalk.
It is hard not to be affected by the constant chatter on Microservices Architecture and Container technology. Both are leading the discussions nowadays and they combine to provide new ways to Architect distributed systems and provide agility in delivering business value. While they do bring in big benefits when implemented successfully, the path to success for most enterprises (other than startups/product/tech firms) is going to be difficult and having a level of measured caution would be good.
In the tech world one cannot stay a day away from hearing the words API or Microservices. For those who work in startups or tech firms (google type) these are well understood. But once you walk into large non-tech firms, these words are not as well understood.
While I had the privilege of using ElasticSearch to implement media analytics in a past role, it is only recently that I have started looking at it for log analysis.
Production issue comes screaming at you at 2am. Red-eyed you open your laptop and check the server logs. You see only minimal logging. After checking other areas such as database, network, machine health, etc., you wish you could turn on more debug logs. Turns out your development team did not provide you a feature to change log levels on the fly. Only way you can do that is to restart the application servers. Ok developers don’t let that happen to you or your ops team. Continue reading