Cascading, profile picture
Uploaded byCascading
1,043 views

Elasticsearch + Cascading for Scalable Log Processing

The document discusses log file analytics and large-scale log processing using Logstash and Cascading for big data applications. It highlights the advantages of using Cascading for developing data applications and integrates it with Logstash for enhanced log processing capabilities. Additionally, it emphasizes the importance of operational visibility and application management using the Driven architecture.

Embed presentation

Downloaded 19 times
DRIVING INNOVATION THROUGH DATA LARGE-SCALE LOG PROCESSING WITH CASCADING & LOGSTASH Elasticsearch Meetup, Oct 30 2014
WHAT IS LOG FILE ANALYTICS? • Making sense of large amounts of [semi|un]structured data • What type of log file data? ‣ Syslog ‣ Web log files (Apache, Nginix, WebTrends, Omniture) ‣ POS transactions ‣ Advertising impressions (Doubleclick DART, OpenX, Atlas) ‣ Twitter firehose (yes, it’s a log file!) • Anything with a timestamp and data 2
LOGSTASH ARCHITECTURE 3 h"p://www.slashroot.in/logstash1tutorial1linux1central1logging1server7 • Data collec*on is flexible • Lots of input/output plugins • Grok filtering is easy • Kibana UI is a?rac*ve
WHAT CAN WE DO WITH CASCADING + LOGSTASH? • Provide richer log-processing capabilities • Integrate & correlate with other information ‣ Large list of integration adapters • Analyze large volumes of log data • Capture & retain unfiltered log data • Operationalize your log-processing application 4
GET TO KNOW CONCURRENT 5 Leader in Application Infrastructure for Big Data • Building enterprise software to simplify Big Data application development and management Products and Technology • CASCADING Open Source - The most widely used application infrastructure for building Big Data apps with over 175,000 downloads each month • DRIVEN Enterprise data application management for Big Data apps Proven — Simple, Reliable, Robust • Thousands of enterprises rely on Concurrent to provide their data application infrastructure. Founded: 2008 HQ: San Francisco, CA CEO: Gary Nakamura CTO, Founder: Chris Wensel www.concurrentinc.com
CASCADING - DE-FACTO STANDARD FOR DATA APPS Cascading Apps 6 SQL Clojure Ruby New Fabrics Tez Storm Supported Fabrics and Data Stores Mainframe DB / DW In-Memory Data Stores Hadoop • Standard for enterprise data app development • Your programming language of choice • Cascading applications that run on MapReduce will also run on Apache Spark, Storm, and …
CASCADING 3.0 7 “Write once and deploy on your fabric of choice.” • The Innovation — Cascading 3.0 will allow for data apps to execute on existing and emerging fabrics through its new customizable query planner. • Cascading 3.0 will support — Local In-Memory, Apache MapReduce and soon thereafter (3.1) Apache Tez, Apache Spark and Apache Storm Enterprise Data Applications Local In-Memory MapReduce Apache Tez, Storm, Computation Fabrics
… AND INCLUDES RICH SET OF EXTENSIONS 8 http://www.cascading.org/extensions/
DEMO: WORD COUNT EXAMPLE WITH CASCADING String docPath = args[ 0 ]; String wcPath = args[ 1 ]; Properties properties = new Properties(); AppProps.setApplicationJarClass( properties, Main.class ); HadoopFlowConnector flowConnector = new HadoopFlowConnector( properties ); 9 configuration integration // create source and sink taps Tap docTap = new Hfs( new TextDelimited( true, "t" ), docPath ); Tap wcTap = new Hfs( new TextDelimited( true, "t" ), wcPath ); processing // specify a regex to split "document" text lines into token stream Fields token = new Fields( "token" ); Fields text = new Fields( "text" ); RegexSplitGenerator splitter = new RegexSplitGenerator( token, "[ [](),.]" ); // only returns "token" Pipe docPipe = new Each( "token", text, splitter, Fields.RESULTS ); // determine the word counts Pipe wcPipe = new Pipe( "wc", docPipe ); wcPipe = new GroupBy( wcPipe, token ); wcPipe = new Every( wcPipe, Fields.ALL, new Count(), Fields.ALL ); scheduling // connect the taps, pipes, etc., into a flow definition FlowDef flowDef = FlowDef.flowDef().setName( "wc" ) .addSource( docPipe, docTap ) .addTailSink( wcPipe, wcTap ); // create the Flow Flow wcFlow = flowConnector.connect( flowDef ); // <<-- Unit of Work wcFlow.complete(); // <<-- Runs jobs on Cluster
SOME COMMON PATTERNS • Functions • Filters • Joins ‣ Inner / Outer / Mixed ‣ Asymmetrical / Symmetrical • Merge (Union) • Grouping ‣ Secondary Sorting ‣ Unique (Distinct) • Aggregations ‣ Count, Average, etc 10 filter filter function function filter function data Pipeline Split Join Merge data Topology
THE STANDARD FOR DATA APPLICATION DEVELOPMENT 11 www.cascading.org Build data apps that are scale-free Design principals ensure best practices at any scale Test-Driven Development Efficiently test code and process local files before deploying on a cluster Staffing Bottleneck Use existing Java, SQL, modeling skill sets Application Portability Write once, then run on different computation fabrics Operational Complexity Simple - Package up into one jar and hand to operations Systems Integration Hadoop never lives alone. Easily integrate to existing systems Proven application development framework for building data apps Application platform that addresses:
CASCADING • Java API • Separates business logic from integration • Testable at every lifecycle stage • Works with any JVM language • Many integration adapters 12 Processing API Integration API Process Planner Scheduler API Scheduler Apache Hadoop Cascading Data Stores Scripting Scala, Clojure, JRuby, Jython, Groovy Enterprise Java
BUSINESSES DEPEND ON US • Cascading Java API • Data normalization and cleansing of search and click-through logs for use by analytics tools, Hive analysts • Easy to operationalize heavy lifting of data in one framework 13
BROAD SUPPORT 14 Hadoop ecosystem supports Cascading
CASCADING DEPLOYMENTS Confidential 15
OPERATIONAL EXCELLENCE Visibility Through All Stages of App Lifecycle From Development — Building and Testing • Design & Development • Debugging • Tuning To Production — Monitoring and Tracking • Maintain Business SLAs • Balance & Controls • Application and Data Quality • Operational Health • Real-time Insights 16
DRIVEN ARCHITECTURE
DEEPER VISUALIZATION INTO YOUR HADOOP CODE • Easily comprehend, debug, and tune your data applications • Get rich insights on your application performance • Monitor applications in real-time • Compare app performance with historical (previous) iterations 18 Debug and optimize your Hadoop applications more effectively with Driven
GET OPERATIONAL INSIGHTS WITH DRIVEN • Quickly breakdown how often applications execute based on their tags, teams, or names • Immediately identify if any application is monopolizing cluster resources • Understand the utilization of your cluster with a timeline of all applications running 19 Visualize the activity of your applications to help maintain SLAs
ORGANIZE YOUR APPLICATIONS WITH GREATER FIDELITY • Easily keep track of all your applications by segmenting them with user-defined tags • Segment your applications for trending analysis, cluster analysis, and developing chargeback models • Quickly breakdown how often applications execute based on their tags, teams, or names 20 Segment your applications for greater insights across all your applications
COLLABORATE WITH TEAMS Utilize teams to collaborate and gain visibility over your set of applications • Invite others to view and collaborate on a specific application • Gain visibility to all the apps and their owners associated with each team • Simply manage your teams and the users assigned to them 21
MANAGE PORTFOLIO OF BIG DATA APPLICATIONS Fast, powerful, rich search capabilities enable you to easily find the exact set of • Identify problematic apps with their owners and teams • Search for groups of applications segmented by user-defined tags • Compare specific applications with their previous iterations to ensure that your application can meet its SL 22 applications that you’re looking for
DRIVEN FOR HIVE: OPERATIONAL VISIBILITY FOR YOUR HIVE APPS • Understand the anatomy of your Hive app • Track execution of queries as single business process • Identify outlier behavior by comparison with historical runs • Analyze rich operational meta-data • Correlate Hive app behavior with other events on cluster 23
• Logstash provides a flexible and a robust way to collect log data; Grok lets you parse logs without coding. Kibana UI is attractive to analyze the information • Cascading is the de-facto framework for building Big Data (Hadoop) applications and processing data at scale • Cascading+Logstash let’s you develop applications to collect and process large volumes of data • With Driven, you can put your mission critical log-processing applications in production and monitor SLAs TAKE AWAY POINTS 24
CONTACT INFORMATION Supreet Oberoi supreet@concurrentinc.com 650-868-7675 (m) @supreet_online
DRIVING INNOVATION THROUGH DATA THANK YOU Supreet Oberoi

More Related Content

PPTX
Solr + Hadoop: Interactive Search for Hadoop
bygregchanan
 
PDF
Visualizing Big Data in Realtime
byDataWorks Summit
 
PDF
Realizing the Promise of Portable Data Processing with Apache Beam
byDataWorks Summit
 
PPTX
LEGO: Data Driven Growth Hacking Powered by Big Data
byDataWorks Summit/Hadoop Summit
 
PPTX
SQL on Hadoop for the Oracle Professional
byMichael Rainey
 
PPTX
Troubleshooting Kerberos in Hadoop: Taming the Beast
byDataWorks Summit
 
PPTX
Built-In Security for the Cloud
byDataWorks Summit
 
PDF
High-Scale Entity Resolution in Hadoop
byDataWorks Summit/Hadoop Summit
 
Solr + Hadoop: Interactive Search for Hadoop
bygregchanan
 
Visualizing Big Data in Realtime
byDataWorks Summit
 
Realizing the Promise of Portable Data Processing with Apache Beam
byDataWorks Summit
 
LEGO: Data Driven Growth Hacking Powered by Big Data
byDataWorks Summit/Hadoop Summit
 
SQL on Hadoop for the Oracle Professional
byMichael Rainey
 
Troubleshooting Kerberos in Hadoop: Taming the Beast
byDataWorks Summit
 
Built-In Security for the Cloud
byDataWorks Summit
 
High-Scale Entity Resolution in Hadoop
byDataWorks Summit/Hadoop Summit
 

What's hot

PPTX
Innovation in the Enterprise Rent-A-Car Data Warehouse
byDataWorks Summit
 
PDF
Azure Data Factory v2
byinovex GmbH
 
PDF
A Thorough Comparison of Delta Lake, Iceberg and Hudi
byDatabricks
 
PPTX
Building an ETL pipeline for Elasticsearch using Spark
byItai Yaffe
 
PDF
Big Data Day LA 2016/ Use Case Driven track - Hydrator: Open Source, Code-Fre...
byData Con LA
 
PPTX
Big Data Day LA 2015 - NoSQL: Doing it wrong before getting it right by Lawre...
byData Con LA
 
PPTX
Big Data Processing with Spark and .NET - Microsoft Ignite 2019
byMichael Rys
 
PPTX
Presentation Brucon - Anubisnetworks and PTCoresec
byTiago Henriques
 
PDF
Data Ingest Self Service and Management using Nifi and Kafka
byDataWorks Summit
 
PPTX
Dynamic DDL: Adding structure to streaming IoT data on the fly
byDataWorks Summit
 
PPTX
Real time fraud detection at 1+M scale on hadoop stack
byDataWorks Summit/Hadoop Summit
 
PDF
WhereHows: Taming Metadata for 150K Datasets Over 9 Data Platforms
byMars Lan
 
PPTX
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
byDataWorks Summit
 
PDF
Open Source Lambda Architecture with Hadoop, Kafka, Samza and Druid
byDataWorks Summit
 
PDF
Leveraging docker for hadoop build automation and big data stack provisioning
byEvans Ye
 
PPTX
Big Data Processing with .NET and Spark (SQLBits 2020)
byMichael Rys
 
PPTX
Logical Data Warehouse: How to Build a Virtualized Data Services Layer
byDataWorks Summit
 
PPTX
How to Use Innovative Data Handling and Processing Techniques to Drive Alpha ...
byDataWorks Summit
 
PPTX
Enabling Modern Application Architecture using Data.gov open government data
byDataWorks Summit
 
PPTX
August 2016 HUG: Recent development in Apache Oozie
byYahoo Developer Network
 
Innovation in the Enterprise Rent-A-Car Data Warehouse
byDataWorks Summit
 
Azure Data Factory v2
byinovex GmbH
 
A Thorough Comparison of Delta Lake, Iceberg and Hudi
byDatabricks
 
Building an ETL pipeline for Elasticsearch using Spark
byItai Yaffe
 
Big Data Day LA 2016/ Use Case Driven track - Hydrator: Open Source, Code-Fre...
byData Con LA
 
Big Data Day LA 2015 - NoSQL: Doing it wrong before getting it right by Lawre...
byData Con LA
 
Big Data Processing with Spark and .NET - Microsoft Ignite 2019
byMichael Rys
 
Presentation Brucon - Anubisnetworks and PTCoresec
byTiago Henriques
 
Data Ingest Self Service and Management using Nifi and Kafka
byDataWorks Summit
 
Dynamic DDL: Adding structure to streaming IoT data on the fly
byDataWorks Summit
 
Real time fraud detection at 1+M scale on hadoop stack
byDataWorks Summit/Hadoop Summit
 
WhereHows: Taming Metadata for 150K Datasets Over 9 Data Platforms
byMars Lan
 
Bridle your Flying Islands and Castles in the Sky: Built-in Governance and Se...
byDataWorks Summit
 
Open Source Lambda Architecture with Hadoop, Kafka, Samza and Druid
byDataWorks Summit
 
Leveraging docker for hadoop build automation and big data stack provisioning
byEvans Ye
 
Big Data Processing with .NET and Spark (SQLBits 2020)
byMichael Rys
 
Logical Data Warehouse: How to Build a Virtualized Data Services Layer
byDataWorks Summit
 
How to Use Innovative Data Handling and Processing Techniques to Drive Alpha ...
byDataWorks Summit
 
Enabling Modern Application Architecture using Data.gov open government data
byDataWorks Summit
 
August 2016 HUG: Recent development in Apache Oozie
byYahoo Developer Network
 

Viewers also liked

PDF
Logging with Elasticsearch, Logstash & Kibana
byAmazee Labs
 
PDF
Twitter 與 ELK 基本使用
byMark Dai
 
PPTX
Log analysis using Logstash,ElasticSearch and Kibana
byAvinash Ramineni
 
PPTX
ELK Stack - Kibana操作實務
byKedy Chang
 
PPTX
Elk stack
byJilles van Gurp
 
PPTX
Dev-Ops与Docker的最佳实践 QCon2016 北京站演讲
byChinaNetCloud
 
PDF
Hadoop Summit Tokyo HDP Sandbox Workshop
byDataWorks Summit/Hadoop Summit
 
PDF
ELK: Moose-ively scaling your log system
byAvleen Vig
 
PDF
Elasitcsearch + Logstash + Kibana 日誌監控
byJui An Huang (黃瑞安)
 
PDF
Comparison of Transactional Libraries for HBase
byDataWorks Summit/Hadoop Summit
 
Logging with Elasticsearch, Logstash & Kibana
byAmazee Labs
 
Twitter 與 ELK 基本使用
byMark Dai
 
Log analysis using Logstash,ElasticSearch and Kibana
byAvinash Ramineni
 
ELK Stack - Kibana操作實務
byKedy Chang
 
Elk stack
byJilles van Gurp
 
Dev-Ops与Docker的最佳实践 QCon2016 北京站演讲
byChinaNetCloud
 
Hadoop Summit Tokyo HDP Sandbox Workshop
byDataWorks Summit/Hadoop Summit
 
ELK: Moose-ively scaling your log system
byAvleen Vig
 
Elasitcsearch + Logstash + Kibana 日誌監控
byJui An Huang (黃瑞安)
 
Comparison of Transactional Libraries for HBase
byDataWorks Summit/Hadoop Summit
 

Similar to Elasticsearch + Cascading for Scalable Log Processing

PDF
Cascading concurrent yahoo lunch_nlearn
byCascading
 
PDF
Accelerate Big Data Application Development with Cascading
byCascading
 
PDF
Cascading on starfish
byFei Dong
 
PDF
Reducing Development Time for Production-Grade Hadoop Applications
byCascading
 
PPTX
Architecting Your First Big Data Implementation
byAdaryl "Bob" Wakefield, MBA
 
PDF
Functional programming
 for optimization problems 
in Big Data
byPaco Nathan
 
PDF
Accelerate Big Data Application Development with Cascading and HDP, Hortonwor...
byHortonworks
 
PPTX
Hadoop Big Data A big picture
byJ S Jodha
 
PPT
Architecting the Future of Big Data and Search
byHortonworks
 
PDF
Scaling up with hadoop and banyan at ITRIX-2015, College of Engineering, Guindy
byRohit Kulkarni
 
PDF
Boulder/Denver BigData: Cluster Computing with Apache Mesos and Cascading
byPaco Nathan
 
PPTX
Data Pipelines in Hadoop - SAP Meetup in Tel Aviv
bylarsgeorge
 
PDF
C-BAG Big Data Meetup Chennai Oct.29-2014 Hortonworks and Concurrent on Casca...
byHortonworks
 
PPTX
Cascading User Group Meet
byVinoth Kannan
 
PPTX
Introduction to Hadoop and Big Data
byJoe Alex
 
PPTX
Big data or big deal
byeduarderwee
 
PPTX
Hadoop - Where did it come from and what's next? (Pasadena Sept 2014)
byEric Baldeschwieler
 
PPTX
Atlanta hadoop users group july 2013
byChristopher Curtin
 
PPTX
NoSQL, Hadoop, Cascading June 2010
byChristopher Curtin
 
PDF
Hadoop Overview by Sunitha Flowerhill
bySunitha Flowerhill
 
Cascading concurrent yahoo lunch_nlearn
byCascading
 
Accelerate Big Data Application Development with Cascading
byCascading
 
Cascading on starfish
byFei Dong
 
Reducing Development Time for Production-Grade Hadoop Applications
byCascading
 
Architecting Your First Big Data Implementation
byAdaryl "Bob" Wakefield, MBA
 
Functional programming
 for optimization problems 
in Big Data
byPaco Nathan
 
Accelerate Big Data Application Development with Cascading and HDP, Hortonwor...
byHortonworks
 
Hadoop Big Data A big picture
byJ S Jodha
 
Architecting the Future of Big Data and Search
byHortonworks
 
Scaling up with hadoop and banyan at ITRIX-2015, College of Engineering, Guindy
byRohit Kulkarni
 
Boulder/Denver BigData: Cluster Computing with Apache Mesos and Cascading
byPaco Nathan
 
Data Pipelines in Hadoop - SAP Meetup in Tel Aviv
bylarsgeorge
 
C-BAG Big Data Meetup Chennai Oct.29-2014 Hortonworks and Concurrent on Casca...
byHortonworks
 
Cascading User Group Meet
byVinoth Kannan
 
Introduction to Hadoop and Big Data
byJoe Alex
 
Big data or big deal
byeduarderwee
 
Hadoop - Where did it come from and what's next? (Pasadena Sept 2014)
byEric Baldeschwieler
 
Atlanta hadoop users group july 2013
byChristopher Curtin
 
NoSQL, Hadoop, Cascading June 2010
byChristopher Curtin
 
Hadoop Overview by Sunitha Flowerhill
bySunitha Flowerhill
 

More from Cascading

PDF
Cascading - A Java Developer’s Companion to the Hadoop World
byCascading
 
PDF
The Cascading (big) data application framework - André Keple, Sr. Engineer, C...
byCascading
 
PPTX
7 Best Practices for Achieving Operational Readiness on Hadoop with Driven an...
byCascading
 
PPTX
Overview of Cascading 3.0 on Apache Flink
byCascading
 
PPTX
Introduction to Cascading
byCascading
 
PDF
Cascading 2015 User Survey Results
byCascading
 
PDF
How To Get Hadoop App Intelligence with Driven
byCascading
 
PDF
Breathe new life into your data warehouse by offloading etl processes to hadoop
byCascading
 
PDF
Predicting Hospital Readmission Using Cascading
byCascading
 
Cascading - A Java Developer’s Companion to the Hadoop World
byCascading
 
The Cascading (big) data application framework - André Keple, Sr. Engineer, C...
byCascading
 
7 Best Practices for Achieving Operational Readiness on Hadoop with Driven an...
byCascading
 
Overview of Cascading 3.0 on Apache Flink
byCascading
 
Introduction to Cascading
byCascading
 
Cascading 2015 User Survey Results
byCascading
 
How To Get Hadoop App Intelligence with Driven
byCascading
 
Breathe new life into your data warehouse by offloading etl processes to hadoop
byCascading
 
Predicting Hospital Readmission Using Cascading
byCascading
 

Recently uploaded

PDF
November 2025 OpenMetadata Community Spotlight - Astronomer & Airflow 3
byOpenMetadata
 
PPTX
How Design Systems and AI Agents Accelerate Product Delivery Sixt
byBoyan Dimitrov
 
PDF
IDSECCONF2025 - Ali - DursGo–Web Security Scanner with AI Analysis.pdf
byidsecconf
 
PDF
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
PDF
Supercharging Android Apps with On-Device AI: Gemini Nano
bydinoykraj
 
PDF
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
PDF
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
PDF
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
PDF
Beyond Basics: How to Build Scalable, Intelligent Imagery Pipelines
bySafe Software
 
PDF
SELinux Policy Management in RHEL - RHCSA+.pdf
byLinuxCert Guru
 
PDF
Raj Jain, Recent Advances, Issues, and Challenges in Cybersecurity, Keynote a...
byrjain51
 
PDF
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
PPTX
Explaining ourselves – people, computers and AI
byAlan Dix
 
PDF
IDSECCONF2025 - Rama Tri Nanda - Hunting Stingray GSM on Budget.pdf
byidsecconf
 
PDF
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
PDF
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
PDF
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
PDF
Mutation Testing for Industrial Robotic Systems (FMAS 2025)
bySylvain Hallé
 
PDF
IDSECCONF2025 - Nosa Shandy - Discovering and Disclosing Privacy Vulnerabilit...
byidsecconf
 
PPTX
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 
November 2025 OpenMetadata Community Spotlight - Astronomer & Airflow 3
byOpenMetadata
 
How Design Systems and AI Agents Accelerate Product Delivery Sixt
byBoyan Dimitrov
 
IDSECCONF2025 - Ali - DursGo–Web Security Scanner with AI Analysis.pdf
byidsecconf
 
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
Supercharging Android Apps with On-Device AI: Gemini Nano
bydinoykraj
 
UiPath DevConnect 2025: UiPath ScreenPlay - The Future of Human-Like Automation
byDianaGray10
 
Supervised Machine Learning Approaches for Log-Based Anomaly Detection: A Cas...
byMohammed BEKKOUCHE
 
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
Beyond Basics: How to Build Scalable, Intelligent Imagery Pipelines
bySafe Software
 
SELinux Policy Management in RHEL - RHCSA+.pdf
byLinuxCert Guru
 
Raj Jain, Recent Advances, Issues, and Challenges in Cybersecurity, Keynote a...
byrjain51
 
Linux Professional Institute LPIC-1 Exam.pdf
byLinuxCert Guru
 
Explaining ourselves – people, computers and AI
byAlan Dix
 
IDSECCONF2025 - Rama Tri Nanda - Hunting Stingray GSM on Budget.pdf
byidsecconf
 
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
Mutation Testing for Industrial Robotic Systems (FMAS 2025)
bySylvain Hallé
 
IDSECCONF2025 - Nosa Shandy - Discovering and Disclosing Privacy Vulnerabilit...
byidsecconf
 
The power of Slack and MuleSoft | Bangalore MuleSoft Meetup #60
byshyamraj55
 

Elasticsearch + Cascading for Scalable Log Processing

  • 1.
    DRIVING INNOVATION THROUGHDATA LARGE-SCALE LOG PROCESSING WITH CASCADING & LOGSTASH Elasticsearch Meetup, Oct 30 2014
  • 2.
    WHAT IS LOGFILE ANALYTICS? • Making sense of large amounts of [semi|un]structured data • What type of log file data? ‣ Syslog ‣ Web log files (Apache, Nginix, WebTrends, Omniture) ‣ POS transactions ‣ Advertising impressions (Doubleclick DART, OpenX, Atlas) ‣ Twitter firehose (yes, it’s a log file!) • Anything with a timestamp and data 2
  • 3.
    LOGSTASH ARCHITECTURE 3 h"p://www.slashroot.in/logstash1tutorial1linux1central1logging1server7 • Data collec*on is flexible • Lots of input/output plugins • Grok filtering is easy • Kibana UI is a?rac*ve
  • 4.
    WHAT CAN WEDO WITH CASCADING + LOGSTASH? • Provide richer log-processing capabilities • Integrate & correlate with other information ‣ Large list of integration adapters • Analyze large volumes of log data • Capture & retain unfiltered log data • Operationalize your log-processing application 4
  • 5.
    GET TO KNOWCONCURRENT 5 Leader in Application Infrastructure for Big Data • Building enterprise software to simplify Big Data application development and management Products and Technology • CASCADING Open Source - The most widely used application infrastructure for building Big Data apps with over 175,000 downloads each month • DRIVEN Enterprise data application management for Big Data apps Proven — Simple, Reliable, Robust • Thousands of enterprises rely on Concurrent to provide their data application infrastructure. Founded: 2008 HQ: San Francisco, CA CEO: Gary Nakamura CTO, Founder: Chris Wensel www.concurrentinc.com
  • 6.
    CASCADING - DE-FACTOSTANDARD FOR DATA APPS Cascading Apps 6 SQL Clojure Ruby New Fabrics Tez Storm Supported Fabrics and Data Stores Mainframe DB / DW In-Memory Data Stores Hadoop • Standard for enterprise data app development • Your programming language of choice • Cascading applications that run on MapReduce will also run on Apache Spark, Storm, and …
  • 7.
    CASCADING 3.0 7 “Write once and deploy on your fabric of choice.” • The Innovation — Cascading 3.0 will allow for data apps to execute on existing and emerging fabrics through its new customizable query planner. • Cascading 3.0 will support — Local In-Memory, Apache MapReduce and soon thereafter (3.1) Apache Tez, Apache Spark and Apache Storm Enterprise Data Applications Local In-Memory MapReduce Apache Tez, Storm, Computation Fabrics
  • 8.
    … AND INCLUDESRICH SET OF EXTENSIONS 8 http://www.cascading.org/extensions/
  • 9.
    DEMO: WORD COUNTEXAMPLE WITH CASCADING String docPath = args[ 0 ]; String wcPath = args[ 1 ]; Properties properties = new Properties(); AppProps.setApplicationJarClass( properties, Main.class ); HadoopFlowConnector flowConnector = new HadoopFlowConnector( properties ); 9 configuration integration // create source and sink taps Tap docTap = new Hfs( new TextDelimited( true, "t" ), docPath ); Tap wcTap = new Hfs( new TextDelimited( true, "t" ), wcPath ); processing // specify a regex to split "document" text lines into token stream Fields token = new Fields( "token" ); Fields text = new Fields( "text" ); RegexSplitGenerator splitter = new RegexSplitGenerator( token, "[ [](),.]" ); // only returns "token" Pipe docPipe = new Each( "token", text, splitter, Fields.RESULTS ); // determine the word counts Pipe wcPipe = new Pipe( "wc", docPipe ); wcPipe = new GroupBy( wcPipe, token ); wcPipe = new Every( wcPipe, Fields.ALL, new Count(), Fields.ALL ); scheduling // connect the taps, pipes, etc., into a flow definition FlowDef flowDef = FlowDef.flowDef().setName( "wc" ) .addSource( docPipe, docTap ) .addTailSink( wcPipe, wcTap ); // create the Flow Flow wcFlow = flowConnector.connect( flowDef ); // <<-- Unit of Work wcFlow.complete(); // <<-- Runs jobs on Cluster
  • 10.
    SOME COMMON PATTERNS • Functions • Filters • Joins ‣ Inner / Outer / Mixed ‣ Asymmetrical / Symmetrical • Merge (Union) • Grouping ‣ Secondary Sorting ‣ Unique (Distinct) • Aggregations ‣ Count, Average, etc 10 filter filter function function filter function data Pipeline Split Join Merge data Topology
  • 11.
    THE STANDARD FORDATA APPLICATION DEVELOPMENT 11 www.cascading.org Build data apps that are scale-free Design principals ensure best practices at any scale Test-Driven Development Efficiently test code and process local files before deploying on a cluster Staffing Bottleneck Use existing Java, SQL, modeling skill sets Application Portability Write once, then run on different computation fabrics Operational Complexity Simple - Package up into one jar and hand to operations Systems Integration Hadoop never lives alone. Easily integrate to existing systems Proven application development framework for building data apps Application platform that addresses:
  • 12.
    CASCADING • JavaAPI • Separates business logic from integration • Testable at every lifecycle stage • Works with any JVM language • Many integration adapters 12 Processing API Integration API Process Planner Scheduler API Scheduler Apache Hadoop Cascading Data Stores Scripting Scala, Clojure, JRuby, Jython, Groovy Enterprise Java
  • 13.
    BUSINESSES DEPEND ONUS • Cascading Java API • Data normalization and cleansing of search and click-through logs for use by analytics tools, Hive analysts • Easy to operationalize heavy lifting of data in one framework 13
  • 14.
    BROAD SUPPORT 14 Hadoop ecosystem supports Cascading
  • 15.
  • 16.
    OPERATIONAL EXCELLENCE VisibilityThrough All Stages of App Lifecycle From Development — Building and Testing • Design & Development • Debugging • Tuning To Production — Monitoring and Tracking • Maintain Business SLAs • Balance & Controls • Application and Data Quality • Operational Health • Real-time Insights 16
  • 17.
  • 18.
    DEEPER VISUALIZATION INTOYOUR HADOOP CODE • Easily comprehend, debug, and tune your data applications • Get rich insights on your application performance • Monitor applications in real-time • Compare app performance with historical (previous) iterations 18 Debug and optimize your Hadoop applications more effectively with Driven
  • 19.
    GET OPERATIONAL INSIGHTSWITH DRIVEN • Quickly breakdown how often applications execute based on their tags, teams, or names • Immediately identify if any application is monopolizing cluster resources • Understand the utilization of your cluster with a timeline of all applications running 19 Visualize the activity of your applications to help maintain SLAs
  • 20.
    ORGANIZE YOUR APPLICATIONSWITH GREATER FIDELITY • Easily keep track of all your applications by segmenting them with user-defined tags • Segment your applications for trending analysis, cluster analysis, and developing chargeback models • Quickly breakdown how often applications execute based on their tags, teams, or names 20 Segment your applications for greater insights across all your applications
  • 21.
    COLLABORATE WITH TEAMS Utilize teams to collaborate and gain visibility over your set of applications • Invite others to view and collaborate on a specific application • Gain visibility to all the apps and their owners associated with each team • Simply manage your teams and the users assigned to them 21
  • 22.
    MANAGE PORTFOLIO OFBIG DATA APPLICATIONS Fast, powerful, rich search capabilities enable you to easily find the exact set of • Identify problematic apps with their owners and teams • Search for groups of applications segmented by user-defined tags • Compare specific applications with their previous iterations to ensure that your application can meet its SL 22 applications that you’re looking for
  • 23.
    DRIVEN FOR HIVE:OPERATIONAL VISIBILITY FOR YOUR HIVE APPS • Understand the anatomy of your Hive app • Track execution of queries as single business process • Identify outlier behavior by comparison with historical runs • Analyze rich operational meta-data • Correlate Hive app behavior with other events on cluster 23
  • 24.
    • Logstash providesa flexible and a robust way to collect log data; Grok lets you parse logs without coding. Kibana UI is attractive to analyze the information • Cascading is the de-facto framework for building Big Data (Hadoop) applications and processing data at scale • Cascading+Logstash let’s you develop applications to collect and process large volumes of data • With Driven, you can put your mission critical log-processing applications in production and monitor SLAs TAKE AWAY POINTS 24
  • 25.
    CONTACT INFORMATION SupreetOberoi supreet@concurrentinc.com 650-868-7675 (m) @supreet_online
  • 26.
    DRIVING INNOVATION THROUGHDATA THANK YOU Supreet Oberoi