Logmatic.io

Release note: November 10th - 2016

It is November already and it's been 6 weeks since our last release, so, longer than normal. But there is a good reason for that: the R&D, the Product team and the Evangelists worked really hard & hand in hand to deliver the biggest update Logmatic.io has ever done.

And the statistics speak for themselves - in these last 42 days:

  • We processed 165 tickets. Most of them are implementation of new things.
  • Which represents more than 300 bullet points of specifications
  • The R&D did 420 commits on the front end and 289 commits on the data processing engine

It was pretty intense...

So what are we preparing?

A brand new way to integrate Logmatic.io in the Cloud ecosystem: with open sourced technologies, Cloud providers, PaaS platforms, Team Chat tools, Alert escalations platforms, CDNs, and any third parties, etc....
Thinking about how you should configure Logmatic.io to reach your goals comes to an end. In the near future, you'll select what you want to integrate and your environment will automatically provide the best cooked recipes prepared out of all the experience we accumulated by exchanging with our users.

Can I get to it right now??

Actually... not yet! I am teasing you but this is a matter of 2-3 weeks. :)
But... we delivered what we baptised the "V0". In the upcoming days we are going to migrate you in this new V0 model in order to pave the way to the V1 that is about to arrive. And you'll see some of the significant modifications we are going to detail just below.

That's all?

No! You sure want a lot guys! We also have some cool stuffs that you get RIGHT NOW! ;)

Let's see that:

Integrations

The new integration view

The Add new source view is dead, long live Integrations!

It looks like the view we had before but it's full screen and you can - from now on - install and uninstall an integration.

Apache and SSHD are installed

Apache and SSHD are installed

When you click on an integration we provide a description of what it is and a quick overview of what you can expect from it. If you want to proceed you will then go through 2 steps:

  • Setup: a auto-generated step-by-step tutorial that explains what you have to do on your own to integrate the data, the technology or the platform with Logmatic.io
  • Integration: ask Logmatic.io to install several or all the proposed configuration entry sets (dashboards, parsers, endpoints, alerts, etc...).
The HAProxy integration page

The HAProxy integration page

Install/Uninstall an integration

As mentioned above, an integration is installed or not... When you install an integration, you'll see new configuration entries generated at various places with the name of the integration that generated it attached to it.

Parsers generated by `Sshd` and `Apache` integration

Parsers generated by Sshd and Apache integration

Most of these configuration entries are editable and deletable so you can adapt them if you need to.

Parsing and enrichment

The Parsing tab

We slightly changed the way parsing is handled on Logmatic.io. A parser is now applied only on the main message attribute. And not on any attribute as it was done before.

A parser can also assign one or multiple @marker to a matching log. This marker is used in the various processing pipeline that is applied right after.

The `Apache` parser

The Apache parser

The @marker attribute

As mentioned the @marker is a newly reserved attribute that is used to tag log entries.

This tagging is used either:

  • To filter out logs in the user interface
  • To trigger additional processing selectively

Processing pipelines

A processing pipeline is an ordered set of data transformation processors applied if the incoming log entry defines the right @marker(s).

You can find processing pipelines in the Enrichment & Parsing menu on the tab Pipeline.

IIS processing pipeline

IIS processing pipeline

In this IIS pipeline illustrated above, the following processing is applied:

  • We consider the iis.date as the official date
  • Do some geo ip resolution on the clientip attribute
  • Parse the useragent attribute to find out the browser, operating system and device of IIS requests

Various processors are available to remap Hostname, Appname and Severity for instance or create custom Field Parser(s).

Analytics

Dual metrics time series

The time series now tolerate either a split by over a field (eg hostnames) or multiple metrics as illustrated in the example below:

95pct slowest queries (left scale) compared to the number of unique users (right scale)

95pct slowest queries (left scale) compared to the number of unique users (right scale)

Ergonomics & Usability

Search and Select all on filters

When searching on a top level filter, you can now click on the select all button to multi-select all the matching values:

Quickly select all the hostnames that match the pattern `*mongo*`

Quickly select all the hostnames that match the pattern *mongo*

Quick links in log view when a URL is displayed

In the contextual panel, quick links will be added aside all the values that we recognise as a valid URL.

Click on the link aside of URLs to open a new tab in your web browser.

Click on the link aside of URLs to open a new tab in your web browser.

Resize the contextual panel

You can now change the width of the contextual panel:

Documentation & user support

The new support button

We reviewed the support button so it provides all the helpful links in a modern and fancy way :)

Click on the support button and go on the doc

Click on the support button and go on the doc