In the cloud when you’re talking about hundreds and thousands of instances things like logging can become a hassle. You’re certainly not going to read every log, and you could use rsyslog. We have an rsyslog charm which you can use to relate to things and send the logs to a centralized server. But that’s still just raw logs.

There’s this great tool under development called Logstash. It’s got a bunch of great features, and you can just watch the author explain it here. After seeing this video I thought, wow, this would be an awesome tool for Ubuntu devops everywhere. So I asked if someone was interested in working on this.

Paul Czarkowski answered the call and has submitted a set of Juju charms for Logstash, Elastic Search, and Kibana. Here’s his blog post on the process. You can find the three charms here:

• http://jujucharms.com/~paulcz/precise/elasticsearch
• http://jujucharms.com/~paulcz/precise/kibana
• http://jujucharms.com/~paulcz/precise/logstash-indexer

They of course need to go through review and get into the actual store, but I’m just excited that Paul took this one by the horns and now we have a nice open source alternative to Splunk for users. If you’re deploying logstash already have a look and feel free to send improvements.

Looking to help fill out the Ubuntu logging story? Well we could certainly use a Greylog2 charm to go along with it. Inquire within!