In the cloud when you’re talking about hundreds and thousands of instances things like logging can become a hassle. You’re certainly not going to read every log, and you could use rsyslog. We have an rsyslog charm which you can use to relate to things and send the logs to a centralized server. But that’s still just raw logs.
There’s this great tool under development called Logstash. It’s got a bunch of great features, and you can just watch the author explain it here. After seeing this video I thought, wow, this would be an awesome tool for Ubuntu devops everywhere. So I asked if someone was interested in working on this.
Paul Czarkowski answered the call and has submitted a set of Juju charms for Logstash, Elastic Search, and Kibana. Here’s his blog post on the process. You can find the three charms here:
They of course need to go through review and get into the actual store, but I’m just excited that Paul took this one by the horns and now we have a nice open source alternative to Splunk for users. If you’re deploying logstash already have a look and feel free to send improvements.
Looking to help fill out the Ubuntu logging story? Well we could certainly use a Greylog2 charm to go along with it. Inquire within!