Return-Path: X-Original-To: apmail-hadoop-mapreduce-user-archive@minotaur.apache.org Delivered-To: apmail-hadoop-mapreduce-user-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 575B710030 for ; Fri, 11 Oct 2013 13:55:33 +0000 (UTC) Received: (qmail 20290 invoked by uid 500); 11 Oct 2013 13:55:24 -0000 Delivered-To: apmail-hadoop-mapreduce-user-archive@hadoop.apache.org Received: (qmail 20216 invoked by uid 500); 11 Oct 2013 13:55:23 -0000 Mailing-List: contact user-help@hadoop.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@hadoop.apache.org Delivered-To: mailing list user@hadoop.apache.org Received: (qmail 20206 invoked by uid 99); 11 Oct 2013 13:55:22 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Oct 2013 13:55:22 +0000 X-ASF-Spam-Status: No, hits=1.5 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of wget.null@gmail.com designates 209.85.215.177 as permitted sender) Received: from [209.85.215.177] (HELO mail-ea0-f177.google.com) (209.85.215.177) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 11 Oct 2013 13:55:15 +0000 Received: by mail-ea0-f177.google.com with SMTP id f15so1858755eak.8 for ; Fri, 11 Oct 2013 06:54:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:content-type:message-id:mime-version:subject:date:references :to:in-reply-to; bh=y/a0zg0zQ5Ugf8044RNWIpRWHplG2LLcLut0VFlsNdQ=; b=Lvuk/5IttCGa1I1DXGROlEG8B8tf9R7CG+KOm6oW0cwsGyXhLn8A4m8hcHgkq6a0MX G+iTtuVUPe/ZufcbQNg/ct7EAWdApu/r4S2nGj/6XP/l6aLl5qHUUTxwdRXqedYa5ImD bfy/dcOZrCEI9/rWmzDBNSxbGKNWBaSHncQMia1rEY3/cgKp+VcyEqfsL+jMfqxlidBM HTpD6oGhqonc9pVgY79ffRM+O7ek7Vn9PphGXDrbMRlE9Vr0yckQKdFEKXZxvpiC/2el GMGbTiQHzfpw2Ul5MQqJ6ftinmltPDN7919tBKjCsSyUxc1xsFNZgdeXZPTebvZ3R9jl W4Cg== X-Received: by 10.14.184.132 with SMTP id s4mr29689546eem.13.1381499695784; Fri, 11 Oct 2013 06:54:55 -0700 (PDT) Received: from [192.168.200.51] (HSI-KBW-37-209-122-170.hsi15.kabel-badenwuerttemberg.de. [37.209.122.170]) by mx.google.com with ESMTPSA id b45sm114983613eef.4.1969.12.31.16.00.00 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 11 Oct 2013 06:54:54 -0700 (PDT) From: Alexander Alten-Lorenz Content-Type: multipart/alternative; boundary="Apple-Mail=_2C8EC0CC-2461-4F30-839D-9AAB8FE6CADA" Message-Id: Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) Subject: Re: State of Art in Hadoop Log aggregation Date: Fri, 11 Oct 2013 15:54:54 +0200 References: To: user@hadoop.apache.org In-Reply-To: X-Mailer: Apple Mail (2.1510) X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail=_2C8EC0CC-2461-4F30-839D-9AAB8FE6CADA Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 Hi, http://flume.apache.org - Alex On Oct 11, 2013, at 7:36 AM, Sagar Mehta wrote: > Hi Guys, >=20 > We have fairly decent sized Hadoop cluster of about 200 nodes and was = wondering what is the state of art if I want to aggregate and visualize = Hadoop ecosystem logs, particularly > Tasktracker logs > Datanode logs > Hbase RegionServer logs > One way is to use something like a Flume on each node to aggregate the = logs and then use something like Kibana - = http://www.elasticsearch.org/overview/kibana/ to visualize the logs and = make them searchable. >=20 > However I don't want to write another ETL for the hadoop/hbase logs = themselves. We currently log in to each machine individually to 'tail -F = logs' when there is an hadoop problem on a particular node. >=20 > We want a better way to look at the hadoop logs themselves in a = centralized way when there is an issue without having to login to 100 = different machines and was wondering what is the state of are in this = regard. >=20 > Suggestions/Pointers are very welcome!! >=20 > Sagar -- Alexander Alten-Lorenz http://mapredit.blogspot.com German Hadoop LinkedIn Group: http://goo.gl/N8pCF --Apple-Mail=_2C8EC0CC-2461-4F30-839D-9AAB8FE6CADA Content-Transfer-Encoding: 7bit Content-Type: text/html; charset=iso-8859-1
Hi,


- Alex

On Oct 11, 2013, at 7:36 AM, Sagar Mehta <sagarmehta@gmail.com> wrote:

Hi Guys,

We have fairly decent sized Hadoop cluster of about 200 nodes and was wondering what is the state of art if I want to aggregate and visualize Hadoop ecosystem logs, particularly
  1. Tasktracker logs
  2. Datanode logs
  3. Hbase RegionServer logs
One way is to use something like a Flume on each node to aggregate the logs and then use something like Kibana - http://www.elasticsearch.org/overview/kibana/ to visualize the logs and make them searchable.

However I don't want to write another ETL for the hadoop/hbase logs  themselves. We currently log in to each machine individually to 'tail -F logs' when there is an hadoop problem on a particular node.

We want a better way to look at the hadoop logs themselves in a centralized way when there is an issue without having to login to 100 different machines and was wondering what is the state of are in this regard.

Suggestions/Pointers are very welcome!!

Sagar

--
Alexander Alten-Lorenz
http://mapredit.blogspot.com
German Hadoop LinkedIn Group: http://goo.gl/N8pCF

--Apple-Mail=_2C8EC0CC-2461-4F30-839D-9AAB8FE6CADA--