Optimizing your iot logging strategy


IOTAConf
Oct 21, 2014


Hi, I'm Ryan 

Engineer at Ninefold



What we'll cover


  • What is logging? 
  • The importance of time
  • Log management workflows
  • Some lessons we've learned


Big Data!




Tiny Devices!



The two types of logs we care about


Debugging = hardware, software

Data = what's being measured, acted on


What's a log? 


[ timestamp ] + [ data ] = 1 log entry


Examples: 

$tail /var/log/authd.log 

Oct 20 09:11:44 Ryans-MacBook-Pro-2.local com.apple.authd[35]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/UserEventAgent' [11] for authorization created by '/usr/libexec/UserEventAgent' [11] (12,0)

==
[ timestamp ] + [source] + [pid] + [ message ] 




$tail /var/log/ppp.log

Sat Feb 15 18:32:24 2014 : Connection terminated.

==

[ timestamp ] + [ message ] 


The Real-time Clock 



You've got the logs, now what? 



Filtered Logs



The E.L.K. stack


  • Elasticsearch
  • Logstash
  • Kibana

The IDEA:


The IMPLEMENTATION:




Uhh..

LogstashQueueBuildup.png

Ok...



THANK YOU


ryan@ninefold.com

@I_am_Ryo

github: IAMRYO


Made with Slides.com