Book Image

Apache Flume: Distributed Log Collection for Hadoop

By : Steven Hoffman
Book Image

Apache Flume: Distributed Log Collection for Hadoop

By: Steven Hoffman

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Apache Flume: Distributed Log Collection for Hadoop
Steven Hoffman
Feb, 2015 | 178 pages
No titles found
Table of Contents (16 chapters)
Apache Flume: Distributed Log Collection for Hadoop Second Edition
Apache Flume: Distributed Log Collection for Hadoop Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Overview and Architecture
Overview and Architecture
Flume 0.9
Flume 1.X (Flume-NG)
The problem with HDFS and streaming data/logs
Sources, channels, and sinks
Flume events
The Kite SDK
Summary
2
A Quick Start Guide to Flume
A Quick Start Guide to Flume
Downloading Flume
An overview of the Flume configuration file
Starting up with "Hello, World!"
Summary
3
Channels
Channels
The memory channel
The file channel
Spillable Memory Channel
Summary
4
Sinks and Sink Processors
Sinks and Sink Processors
HDFS sink
Compression codecs
Event Serializers
Sink groups
MorphlineSolrSink
ElasticSearchSink
Summary
5
Sources and Channel Selectors
Sources and Channel Selectors
The problem with using tail
The Exec source
Spooling Directory Source
Syslog sources
JMS source
Channel selectors
Summary
6
Interceptors, ETL, and Routing
Interceptors, ETL, and Routing
Interceptors
Tiering flows
The embedded agent
Routing
Summary
7
Putting It All Together
Putting It All Together
Web logs to searchable UI
Archiving to HDFS
Summary
8
Monitoring Flume
Monitoring Flume
Monitoring the agent process
Monitoring performance metrics
Summary
9
There Is No Spoon – the Realities of Real-time Distributed Data Collection
There Is No Spoon – the Realities of Real-time Distributed Data Collection
Transport time versus log time
Time zones are evil
Capacity planning
Considerations for multiple data centers
Compliance and data expiry
Summary
Index
Index

Summary

In this chapter, we iteratively assembled an end-to-end data flow. We started by setting up an Nginx web server to create access logs. We also configured cron to execute a logrotate configuration periodically to safely rotate old logs to a spooling directory.

Next, we installed and configured a single-node Elasticsearch server and tested some insertions and deletions. Then we configured a Flume client to read input from our spooling directory filled with web logs, and relay them to a Flume collector using compressed Avro serialization. The collector then relayed the incoming data to our Elasticsearch server.

Once we saw data flowing from one end to another, we set up a single-node HDFS server and modified our collector configuration to split the input data feed and relay a copy of the message to HDFS, simulating archival storage. Finally, we set up a Kibana UI in front of our Elasticsearch instance to provide an easy-search function for nontechnical consumers.

In the next chapter, we...

Previous Section
End of Chapter 7
Next Chapter