Integrating Log Management into Your DevOps Workflow
We live in a day where large amounts of data is constantly being distributed and recorded, and sometimes that can be overwhelming. One way to stay on top of everything is to integrate a well thought out log management system into your current devops or IT workflow. Log data can help you become aware of application errors, slow web performance, and other operational issues before they turn into a larger scale issue or start costing your company revenue.
What is log management?
Log management can be defined as the way you deal with large volumes of log messages and or log data, sometimes also referred to as audit trails, event logs, etc. This could include processes and policies you use to store them, generate them, archive them, and even how you dispose of them. Log data provides a record of what is happening in your business, from recording transactions, database queries, distributed services, CDN traffic, Nginx errors, etc. Whether it is an information system, service, or web server, data is being logged for just about everything.
Below are just a few examples of what you can use log management with:
- File Monitoring
- CDN (such as KeyCDN)
The real problem when you don't have a log management system or process in place is that it is easy to let the ball drop as they say because of not having a good handle on all the countless sources of data. Sven Dummer over at Loggly wrote a great article about what he calls the logging conundrum. He gives the advice of asking yourself three questions for every component or distributed service you have running.
- Does it log?
- If it doesn't log, should it?
- Should its logs be centralized in a log management service or software?
Advantages to using centralized log management
Obviously one of the biggest advantages to a centralized log management system is the ability to see all of the data. While it is possible to get an overload of data, many of the logging tools now have powerful filters in place which you can use to only see what you need to see. You can even run live-tail searches. Below are some additional advantages to a centralized log management service.
- Ability to identify key trends and anomalies and correlate events across your systems.
- Using your log management service as a monitoring tool can help more cohesively connect the data with downtime.
- Spend less time bouncing between different data log locations and dashboards. Big advantage to having everything under one dashboard.
- Turn searches across different devices and platforms into real-time alerts, reports or dashboards with a few mouse clicks.
- Troubleshoot problems faster and notify the right people.
As long as you maintain "log silos," you will not be able to get a cohesive, in-context view of everything that makes your application run.
Log management services
When it comes to log management there are a lot of tools and services to help you centralize and improve your workflow. We will be covering a larger list of log management tools in an upcoming post, but below are recommended ones.
Loggly is a cloud based logging management and analytics service provider founded in 2009. There main focus is that log management needs to be much simpler and that DevOps, SysOps, and Engineers should not have to worry about log management. Some of their customers include EA, Autodesk, SendGrid, Atlassian, Sony Pictures, and Citrix.
Some common use cases
Below are some common uses cases in which Loggly's customers are using log management in their workflows.
- Troubleshooting periodic slowness on a website and searching logs to discover it was a low memory issue.
- Notifications sent to team when the payment processing service on an ecommerce site falls out of the SLA of 500 ms.
- Identifying increased processing time trends due to a recent bug introduced from the last software update from the development team.
- Using New Relic and Loggly together to more quickly see why the CPU is maxing out.
CDN log management with KeyCDN
KeyCDN provides you with the ability to export your raw logs in real time as syslog messages over UDP. Normally this implies that you could receive such messages with a syslog server, but that would again mean your creating a "log silo." So you can easily export your KeyCDN logs to a external log management service like Loggly. See our tutorial on how to enable log forwarding. We also have a complete list of KeyCDN log formats.
Having a good system in place for log management can be a great way to improve your DevOps workflow, save time, and help troubleshoot issues with power search capabilities that extend across all of your devices and services. Using a third party log management service like Loggly can be a great cost effective solution.