Learn to Love Log Files
A vast majority of software projects start out with no though as to what should go into log files. Log files are effectively a 3rd class citizen in the software development thought process. I’ve seen a few companies mandate certain data in log files for projects to ease the transition from development to production – handover to support (both infrastructure and application). Having spent some time using ELK, ingesting log files from applications that really aren’t structured very well, I now believe that ELK is an easy way for development teams to eat their own dog food.
What follows are a few points that I found useful:
- Get familiar with grok fast when using logstash
- When I started out with ELK, I unfortunately ingested log files that didn’t get grok’s appropriate. Deleting document is thus helpful as a query.
- Index’s are important 🙂