Drupal and Logstash: centralised logging

The ELK stack – Elasticsearch, Logstash and Kibana – is a popular combination for aggregating, filtering and visualising data from multiple log streams. This presentation will demonstrate them being used in combination to analyse the webserver and Drupal watchdog logs. You will see data being filtered on the fly with lots of pretty graphs.

The focus of this presentation will be on how easy it is to start. We will cover how to run the ELK stack on your development machine with just a few commands - using the power of docker - and analyse your apache, Drupal and php logs.

Then we will have a look at real production installation, recieving logs from different sources, where we will analyse a problem and visualise trends.

The objective of this session is to:

• get you excited about Logstash, understand what it is
• get you motivated enough to start using it, even to set it up yourself
• realise the power of a centralised logging solution

About Marji

Marji is a co-founder and the chief system administrator and DevOps advocate working for Morpht, specialising in Ansible, Puppet, Jenkins, high available Logstash, server configuration and developer workflow. He works with / supports Drupal servers and sites on daily basics.

He recently deployed several logstash solutions, the last one being high available and designed to scale up to handle logs from hundreds of webservers.

While presenting ELK / logstash at DrupalCamp Sydney, he realised this would be a perfect topic for DrupalCon Asia! :)