Return-Path: 
 <user-return-11239-apmail-hadoop-common-user-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-common-user-archive@www.apache.org
Delivered-To: apmail-hadoop-common-user-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id AFD5D1049F
	for <apmail-hadoop-common-user-archive@www.apache.org>;
 Fri, 11 Oct 2013 05:37:00 +0000 (UTC)
Received: (qmail 14191 invoked by uid 500); 11 Oct 2013 05:36:54 -0000
Delivered-To: apmail-hadoop-common-user-archive@hadoop.apache.org
Received: (qmail 13821 invoked by uid 500); 11 Oct 2013 05:36:52 -0000
Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@hadoop.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@hadoop.apache.org>
List-Post: <mailto:user@hadoop.apache.org>
List-Id: <user.hadoop.apache.org>
Reply-To: user@hadoop.apache.org
Delivered-To: mailing list user@hadoop.apache.org
Received: (qmail 13738 invoked by uid 99); 11 Oct 2013 05:36:50 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Oct 2013 05:36:50 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of sagarmehta@gmail.com designates
 74.125.82.181 as permitted sender)
Received: from [74.125.82.181] (HELO mail-we0-f181.google.com) (74.125.82.181)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Oct 2013 05:36:45 +0000
Received: by mail-we0-f181.google.com with SMTP id t60so3706922wes.12
        for <user@hadoop.apache.org>; Thu, 10 Oct 2013 22:36:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=87vCrdT42InI6r2nClWtFmMZj70y42PPZzdAYtfzqxY=;
        b=ob/tNUqiH3VgkE3DAZfmWOcWDKh9WqOchnuxXGi7xmNdy/4RvI9IwwwrS8+RAruF7C
         firYIKFQKGz+g9WxQpvyqoNdEI+uIvw+NibrzHiHWN/LxXNpshiNgpHiGn8WqcxDEg1L
         FmmWs6AlOTCaAHXN1lWfu59gLkLRs0YaiEIF/2Y4wDWLjYSaNK7OaegsiNcLT0vEMkF3
         +MeNOrXIYi1XgjEthptp32kLUZ/hs6E/Xj55lzjTgKR/CiykTJXOVmXKu34isicoDO98
         Pwvlgphae9o0aT/F7/2Ij7nMB5oYFZgxYUeMvw/g/Pzgmm/NIe4MZVTz6zbuXLSkd6Zr
         rXLg==
MIME-Version: 1.0
X-Received: by 10.180.90.197 with SMTP id by5mr1500098wib.43.1381469784844;
 Thu, 10 Oct 2013 22:36:24 -0700 (PDT)
Received: by 10.194.164.67 with HTTP; Thu, 10 Oct 2013 22:36:24 -0700 (PDT)
Date: Thu, 10 Oct 2013 22:36:24 -0700
Message-ID: 
 <CAMq4vAEbcKFH7s47pzvDzUFAbFLVJfhbMZB9XfSh+XL9Kwg_hA@mail.gmail.com>
Subject: State of Art in Hadoop Log aggregation
From: Sagar Mehta <sagarmehta@gmail.com>
To: user@hadoop.apache.org
Content-Type: multipart/alternative; boundary=f46d0438eb6dcb2da304e8707f19
X-Virus-Checked: Checked by ClamAV on apache.org

--f46d0438eb6dcb2da304e8707f19
Content-Type: text/plain; charset=ISO-8859-1

Hi Guys,

We have fairly decent sized Hadoop cluster of about 200 nodes and was
wondering what is the state of art if I want to aggregate and visualize
Hadoop ecosystem logs, particularly

   1. Tasktracker logs
   2. Datanode logs
   3. Hbase RegionServer logs

One way is to use something like a Flume on each node to aggregate the logs
and then use something like Kibana -
http://www.elasticsearch.org/overview/kibana/ to visualize the logs and
make them searchable.

However I don't want to write another ETL for the hadoop/hbase logs
 themselves. We currently log in to each machine individually to 'tail -F
logs' when there is an hadoop problem on a particular node.

We want a better way to look at the hadoop logs themselves in a centralized
way when there is an issue without having to login to 100 different
machines and was wondering what is the state of are in this regard.

Suggestions/Pointers are very welcome!!

Sagar

--f46d0438eb6dcb2da304e8707f19
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hi Guys,<div><br></div><div>We have fairly decent sized Ha=
doop cluster of about 200 nodes and was wondering what is the state of art =
if I want to aggregate and visualize Hadoop ecosystem logs, particularly</d=
iv>
<div><ol><li>Tasktracker logs<br></li><li>Datanode logs<br></li><li>Hbase R=
egionServer logs<br></li></ol><div>One way is to use something like a Flume=
 on each node to aggregate the logs and then use something like Kibana -=A0=
<a href=3D"http://www.elasticsearch.org/overview/kibana/">http://www.elasti=
csearch.org/overview/kibana/</a> to visualize the logs and make them search=
able.</div>
</div><div><br></div><div>However I don&#39;t want to write another ETL for=
 the hadoop/hbase logs =A0themselves. We currently log in to each machine i=
ndividually to &#39;tail -F logs&#39; when there is an hadoop problem on a =
particular node.</div>
<div><br></div><div>We want a better way to look at the hadoop logs themsel=
ves in a centralized way when there is an issue without having to login to =
100 different machines and was wondering what is the state of are in this r=
egard.</div>
<div><br></div><div>Suggestions/Pointers are very welcome!!</div><div><br><=
/div><div>Sagar</div></div>

--f46d0438eb6dcb2da304e8707f19--