Book Image

Apache Flume: Distributed Log Collection for Hadoop

By : Steven Hoffman
Book Image

Apache Flume: Distributed Log Collection for Hadoop

By: Steven Hoffman

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Apache Flume: Distributed Log Collection for Hadoop
Steven Hoffman
Feb, 2015 | 178 pages
No titles found
Table of Contents (16 chapters)
Apache Flume: Distributed Log Collection for Hadoop Second Edition
Apache Flume: Distributed Log Collection for Hadoop Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Overview and Architecture
Overview and Architecture
Flume 0.9
Flume 1.X (Flume-NG)
The problem with HDFS and streaming data/logs
Sources, channels, and sinks
Flume events
The Kite SDK
Summary
2
A Quick Start Guide to Flume
A Quick Start Guide to Flume
Downloading Flume
An overview of the Flume configuration file
Starting up with "Hello, World!"
Summary
3
Channels
Channels
The memory channel
The file channel
Spillable Memory Channel
Summary
4
Sinks and Sink Processors
Sinks and Sink Processors
HDFS sink
Compression codecs
Event Serializers
Sink groups
MorphlineSolrSink
ElasticSearchSink
Summary
5
Sources and Channel Selectors
Sources and Channel Selectors
The problem with using tail
The Exec source
Spooling Directory Source
Syslog sources
JMS source
Channel selectors
Summary
6
Interceptors, ETL, and Routing
Interceptors, ETL, and Routing
Interceptors
Tiering flows
The embedded agent
Routing
Summary
7
Putting It All Together
Putting It All Together
Web logs to searchable UI
Archiving to HDFS
Summary
8
Monitoring Flume
Monitoring Flume
Monitoring the agent process
Monitoring performance metrics
Summary
9
There Is No Spoon – the Realities of Real-time Distributed Data Collection
There Is No Spoon – the Realities of Real-time Distributed Data Collection
Transport time versus log time
Time zones are evil
Capacity planning
Considerations for multiple data centers
Compliance and data expiry
Summary
Index
Index

ElasticSearchSink

Another common target to stream data to be searched in NRT is Elasticsearch. Elasticsearch is also a clustered searching platform based on Lucene, like Solr. It is often used along with the logstash project (to create structured logs) and the Kibana project (a web UI for searches). This trio is often referred to as the acronym ELK (Elasticsearch/Logstash/Kibana).

Note

Here are the project home pages for the ELK stack that can give you a much better overview than I can in a few short pages:

In Elasticsearch, data is grouped into indices. You can think of these as being equivalent to databases in a single MySQL installation. The indices are composed of types (similar to tables in databases), which are made up of documents. A document is like a single row in a database, so, each Flume event will become a single document in ElasticSearch. Documents have...

Previous Section
End of Section 7
Next Section