Using Solr to Search and Analyze Logs
Presented by Radu Gheorghe, Software Engineer, Sematext Group, Inc
Many of us tend to hate or simply ignore logs, and rightfully so: they're typically hard to find, difficult to handle, and cryptic to the human eye. But can we make logs more valuable and more usable if we index them in Solr, so we can search and run real-time statistics on them? Indeed we can, and in this session you'll learn how to make that happen. In the first part of the session we'll explain why centralized logging is important, what valuable information one can extract from logs, and we'll introduce the leading tools from the logging ecosystem that everyone should be aware of - from syslog and log4j to Logstash and Flume. In the second part we'll teach you how to use these tools in tandem with Solr. We'll show how to use Solr in a SolrCloud setup to index large volumes of logs continuously and efficiently. Then, we'll look at how to scale the Solr cluster as your data volume grows. Finally, we'll see how you can parse your unstructured logs and convert them to nicely structured Solr documents suitable for analytical queries.