
Shippers



Operational Insight makes use of agents that run on edge servers to continuously ingest and process logs, metrics, and other event data of interest. Application logs, OS statistics, and performance metrics are written locally on application servers in a variety of formats, usually across different file systems and servers. This data must be moved to a central location, cleansed, and transformed before it can be analyzed.

Shippers are made up of forwarders and transformers that form part of the Operational Insight data pipeline, allowing efficient movement of large amounts of data to a central index store in near real time.

Filebeat

Filebeat is a native log shipper, offering a lightweight way to forward and centralize logs and files. It can be installed as an agent on Linux and Windows servers, where it monitors log directories or specific log files, tails the files, and forwards their contents to a central log parsing engine.

The Filebeat log shipper monitors log directories or specific log files, keeps track of changes to the file contents, and forwards new entries to Logstash for indexing.

When you start Filebeat, it starts one or more prospectors that look in the local paths you have specified for log files. For each log file it locates, Filebeat aggregates the events and sends the aggregated data to the configured output.

Before starting, collect the following configuration details:

  • Location of log files

  • Fields to be mapped – app, tier, appsvr, lpar and logtype
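A minimal configuration covering the two items above might look like the sketch below. The paths, hostnames, and field values are hypothetical placeholders; recent Filebeat versions declare inputs under `filebeat.inputs`, while older releases (matching the "prospectors" terminology used here) use `filebeat.prospectors` instead.

```yaml
filebeat.inputs:
  - type: log
    paths:
      - /var/log/app/*.log          # location of log files to tail
    fields:                          # mapped fields expected by the pipeline
      app: payments                  # hypothetical application name
      tier: web
      appsvr: appsvr01
      lpar: lpar03
      logtype: app
    fields_under_root: true          # place fields at the top level of each event

output.logstash:
  hosts: ["logstash.example.com:5044"]   # central log parsing engine
```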

Java Log Forwarder

The Log Forwarder is a Java-based log data shipper. It can be installed as an agent on any server that can run Java. Once started, it monitors log directories or specific log files, tails the files, and forwards entries to Logstash using the Lumberjack protocol. Use the Java Log Forwarder when you need to forward logs from an operating system that does not support Go.
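On the receiving side, Logstash can accept Lumberjack traffic through its lumberjack input plugin. The sketch below assumes a hypothetical port and certificate paths; the plugin requires SSL, so the certificate and key settings are mandatory.

```conf
input {
  lumberjack {
    port            => 5000                                # port the Java forwarder ships to
    ssl_certificate => "/etc/logstash/certs/logstash.crt"  # placeholder cert path
    ssl_key         => "/etc/logstash/certs/logstash.key"  # placeholder key path
  }
}
```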

Nmonrelay

Nmonrelay collects nmon data from servers and periodically sends it to processor nodes for parsing. Nmon is a popular performance-metrics capture program for UNIX servers. Kafka is the only supported output target for nmonrelay.
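The nmon captures that nmonrelay picks up are typically scheduled with cron. The fragment below is an illustrative sketch: it assumes nmonrelay watches the output directory `/var/log/nmon`, which is not specified in this document.

```shell
# crontab entry: at midnight, start an nmon capture in spreadsheet-file mode (-f),
# sampling every 60 seconds (-s 60) for 1440 samples (-c 1440), i.e. 24 hours,
# writing output into /var/log/nmon (-m)
0 0 * * * /usr/bin/nmon -f -s 60 -c 1440 -m /var/log/nmon
```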

Journalbeat

Journalbeat is a lightweight shipper, based on the libbeat framework, that forwards logs from systemd journals. Installed as an agent on your servers, Journalbeat monitors the journal locations that you specify, collects log events, and forwards them to either Elasticsearch or Logstash.
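A minimal Journalbeat configuration along those lines might look like this sketch. The journal path and Logstash host are placeholders; `seek: cursor` resumes from the last saved read position across restarts.

```yaml
journalbeat.inputs:
  - paths: ["/var/log/journal"]   # journal location to monitor
    seek: cursor                  # resume from the saved cursor on restart

output.logstash:
  hosts: ["logstash.example.com:5044"]
```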

For more information, see the Beats Platform Reference.
