Commit 945cd021 authored by Fabien Wernli's avatar Fabien Wernli
Browse files

init

parents
This diff is collapsed.
This diff is collapsed.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="680.9751"
height="98.047569"
id="svg2"
version="1.1"
inkscape:version="0.48.5 r10040"
sodipodi:docname="New document 1">
<defs
id="defs4" />
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.4109375"
inkscape:cx="317.95461"
inkscape:cy="31.398597"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:window-width="1918"
inkscape:window-height="1180"
inkscape:window-x="1680"
inkscape:window-y="18"
inkscape:window-maximized="0" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-57.045391,-465.71321)">
<path
style="fill:#82b707;fill-opacity:1"
d="m 76.101515,562.77887 c -14.93464,-4.54291 -22.59418,-21.57795 -17.46627,-38.84549 2.23128,-7.51354 9.37357,-14.55406 17.01924,-16.77671 17.1884,-4.99681 32.557835,5.58742 34.185925,23.54228 l 0.54536,6.01426 -21.718355,0 -21.71834,0 0.69989,3.25 c 2.02077,9.38356 8.41458,14.75 17.57378,14.75 5.19867,0 8.87867,-1.98791 13.11008,-7.08196 l 3.440815,-4.1423 3.10376,1.60502 c 4.23345,2.1892 4.68985,3.26938 2.67843,6.33919 -4.94961,7.55407 -13.886885,12.29938 -22.947845,12.18433 -3.3,-0.0419 -7.12791,-0.41928 -8.50647,-0.83862 z m 23.00647,-35.69763 c 0,-2.7754 -3.92803,-8.16043 -7.61436,-10.43871 -2.78166,-1.71916 -4.55726,-2.0712 -8.52408,-1.69004 -5.56491,0.53472 -9.236,2.79082 -12.61156,7.75055 -4.04048,5.9367 -3.8785,6.01017 13.25,6.01017 13.66817,0 15.5,-0.19287 15.5,-1.63197 z m 69.000005,35.96339 c -7.61337,-2.59203 -13.61863,-7.92179 -17.11304,-15.18811 -3.10093,-6.44809 -3.18893,-19.58272 -0.17616,-26.29248 7.05214,-15.70587 26.11687,-20.71143 39.6294,-10.40491 l 3.6598,2.79146 0,-3.61869 0,-3.61869 4.5,0 4.5,0 0,28 0,28 -4.5,0 -4.5,0 0,-3.61869 0,-3.61869 -3.50039,2.66988 c -1.92522,1.46843 -5.06076,3.32184 -6.96788,4.11869 -3.32795,1.3905 -12.40055,1.84626 -15.53173,0.78023 z m 14.6849,-9.39803 c 12.36428,-4.6847 15.45668,-25.36384 5.16242,-34.52155 -5.69254,-5.06405 -15.82555,-5.70581 -21.68544,-1.3734 -10.94734,8.09372 -9.98242,28.7827 1.62838,34.91413 4.12703,2.1794 10.60532,2.606 14.89464,0.98082 z m 46.3151,9.33208 c -4.52734,-1.7404 -12,-9.81924 -12,-12.97344 0,-0.53455 1.84584,-1.58109 4.10186,-2.32565 3.68465,-1.21604 4.19893,-1.18028 5.05621,0.3516 2.15051,3.84274 6.33247,6.68202 9.84193,6.68202 7.2875,0 11.71496,-8.28504 6.96552,-13.03448 -1.11896,-1.11896 -5.30127,-3.58509 -9.29403,-5.48029 -3.99275,-1.89521 -8.57367,-4.81746 -10.17981,-6.49391 -2.49641,-2.6057 -2.92025,-3.83853 -2.92025,-8.49421 0,-8.82046 5.51912,-14.50836 14.8268,-15.28023 6.26395,-0.51945 10.50918,1.46146 14.39466,6.71686 l 2.26341,3.06142 -3.27815,1.99868 c -4.17579,2.54598 -4.57322,2.51933 -7.36573,-0.49384 -4.45991,-4.81232 -11.9535,-2.05733 -11.23738,4.13139 0.28422,2.45621 1.57401,3.43884 10.28862,7.83843 12.62689,6.37472 14.96779,9.30657 14.22476,17.81568 -0.89279,10.22413 -8.35516,16.79291 -18.89858,16.63555 -2.90941,-0.0434 -5.96484,-0.33843 -6.78984,-0.65558 z m 119.36471,-0.35453 c -1.72441,-0.49977 -5.30983,-2.37169 -7.96759,-4.15981 -17.93007,-12.06319 -16.01783,-39.91522 3.39497,-49.44817 7.74541,-3.80351 19.26615,-4.00544 26.45791,-0.46375 l 4.75,2.3392 0,6.47775 0,6.47774 -4.28209,-3.50885 c -4.99705,-4.09471 -8.57021,-5.62505 -13.13379,-5.62505 -11.83333,0 -20.57116,10.14759 -19.30461,22.41921 1.76294,17.08129 20.85301,23.54566 33.47049,11.33394 l 3.25,-3.14548 0,6.5596 0,6.5596 -5.87505,2.63657 c -6.21198,2.78777 -14.38004,3.39663 -20.76024,1.5475 z m 50.13529,-0.31142 c -3.57327,-1.57485 -8.13907,-6.00089 -10.09784,-9.78872 l -1.41214,-2.73077 4.25499,-1.92171 c 3.85267,-1.74001 4.34954,-1.77109 5.25499,-0.32874 2.86589,4.56525 6.4509,7.17042 9.86731,7.17042 4.09885,0 8.25301,-3.19715 9.15157,-7.04328 0.90442,-3.87128 -2.1916,-6.92628 -11.9813,-11.82253 -9.76898,-4.88588 -12.52775,-8.1104 -12.53384,-14.64979 -0.002,-2.20858 0.83116,-5.57237 1.8516,-7.47508 2.21812,-4.13592 8.98201,-8.00932 13.98622,-8.00932 4.98911,0 11.91022,3.61931 13.75946,7.19534 0.85055,1.64479 1.40077,3.11647 1.22272,3.27041 -0.17806,0.15394 -1.80718,1.03451 -3.62027,1.95681 l -3.29653,1.67692 -3.03019,-2.54974 c -3.8232,-3.21701 -6.88388,-3.2355 -9.86746,-0.0596 -3.57229,3.80253 -1.65514,6.85446 6.74389,10.73565 11.1405,5.14802 15.02513,8.23723 16.29681,12.95989 2.22705,8.27065 -1.90792,17.48475 -9.36613,20.87089 -4.85698,2.20514 -12.84014,2.4574 -17.18386,0.54299 z m 53.51828,-1.29819 c -6.24211,-3.28725 -11.36149,-9.33488 -13.19993,-15.59338 -0.67985,-2.31437 -1.21523,-7.58295 -1.18973,-11.70795 0.056,-9.06058 2.26076,-14.64817 8.16589,-20.69511 9.2605,-9.48289 26.41716,-9.68824 35.95675,-0.43037 5.05922,4.9098 7.39681,10.10098 8.0147,17.79855 l 0.50786,6.32693 -21.13691,0 -21.13691,0 0,2.53984 c 0,3.81381 3.53794,9.99446 7.22736,12.62594 2.66472,1.90062 4.54666,2.33422 10.13112,2.33422 l 6.85847,0 4.8366,-5.26002 4.83659,-5.26001 3.55493,1.69523 c 4.35568,2.07708 4.45111,3.78189 0.48131,8.59795 -5.22103,6.33401 -11.00779,9.03995 -20.33427,9.50847 -7.40487,0.37199 -8.55765,0.16135 -13.57383,-2.48029 z m 27.67232,-33.86965 c 0.50236,-1.51202 -3.665,-7.35834 -7.01393,-9.83973 -4.10847,-3.04418 -13.01499,-2.92052 -17.44931,0.24226 -3.35015,2.38951 -7.65852,9.4013 -6.49283,10.56698 1.12407,1.12407 30.56686,0.20196 30.95607,-0.96951 z m 36.99795,34.14833 c -7.94223,-3.89142 -12.41788,-9.8173 -14.67957,-19.43616 -2.51361,-10.69028 1.35601,-24.00196 8.74858,-30.09554 9.50674,-7.83626 25.76042,-7.93062 32.64743,-0.18954 2.6847,3.01764 3.59501,2.67358 3.59501,-1.35877 l 0,-3.5 4.5,0 4.5,0 0,28 0,28 -4.5,0 c -4.63628,0 -5.06939,-0.48689 -4.67023,-5.25 0.19637,-2.34331 -1.10577,-2.2078 -3.42478,0.35641 -5.65611,6.25415 -17.81498,7.83501 -26.71644,3.4736 z m 18.99635,-7.64662 c 6.89756,-2.61342 11.25829,-10.03627 11.29314,-19.22323 0.0423,-11.15319 -6.55168,-18.78602 -16.82581,-19.47661 -4.88027,-0.32803 -6.2371,0.005 -9.93458,2.43768 -9.71987,6.39525 -11.95714,20.09041 -4.95719,30.34479 4.17303,6.11317 13.08957,8.69647 20.42444,5.91737 z m 91.3151,8.90561 c -8.20497,-2.23713 -16.65943,-11.17134 -19.09793,-20.18167 -1.54119,-5.69472 -0.60809,-15.3531 1.97185,-20.41018 2.87501,-5.6355 8.45562,-11.04625 14.03669,-13.60947 6.71657,-3.08472 18.86248,-2.98812 25.33939,0.20153 l 4.75,2.3392 0,6.51439 0,6.51438 -3.67727,-3.22868 c -7.01161,-6.15627 -14.31887,-7.52616 -21.8641,-4.09884 -7.88682,3.58249 -12.12115,11.41215 -11.16772,20.65008 1.02801,9.96042 7.76654,16.55746 17.64223,17.2718 6.51032,0.47092 10.51098,-1.07444 15.81686,-6.10966 l 3.25,-3.08421 0,6.5596 0,6.5596 -5.87505,2.63657 c -6.27277,2.81505 -14.18517,3.36773 -21.12495,1.47556 z m 99.65499,-0.66774 c -2.03245,-2.24583 -2.17111,-8.49803 -0.22431,-10.11373 2.50951,-2.08271 7.70849,-1.60389 9.73311,0.89642 2.39984,2.96367 2.32709,6.14203 -0.20275,8.85749 -2.49462,2.67767 -7.04906,2.85377 -9.30605,0.35982 z m -601.98832,0.16207 c -0.36667,-0.36666 -0.66667,-22.19166 -0.66667,-48.5 l 0,-47.83333 5,0 5,0 0,48.5 0,48.5 -4.33333,0 c -2.38334,0 -4.63334,-0.3 -5,-0.66667 z m 146.04705,0.0471 c -0.39255,-0.39255 -0.71372,-10.95883 -0.71372,-23.48063 l 0,-22.76692 -2.75,-0.31642 c -2.48893,-0.28638 -2.75,-0.69616 -2.75,-4.31642 0,-3.60744 0.26641,-4.03072 2.71455,-4.313 l 2.71455,-0.313 0.28545,-9.687 0.28545,-9.687 4.5,0 4.5,0 0.28557,9.69666 0.28557,9.69666 4.71443,0.30334 4.71443,0.30334 0.3075,4.25 0.3075,4.25 -5.03907,0 -5.03907,0 -0.26843,23.25 -0.26843,23.25 -4.03628,0.29705 c -2.21995,0.16338 -4.35745,-0.0241 -4.75,-0.41666 z m 33.28628,-27.43518 0,-28.05479 4.75,0.30479 4.75,0.30479 0.28125,25.5 c 0.15469,14.025 0.0336,26.5125 -0.26905,27.75 -0.46879,1.91671 -1.21406,2.25 -5.03125,2.25 l -4.48095,0 0,-28.05479 z m 267.45155,26.78914 c -0.26712,-0.69611 -0.36549,-13.18361 -0.21861,-27.75 l 0.26706,-26.48435 4.75,-0.30479 c 4.58079,-0.29393 4.75,-0.20757 4.75,2.42431 l 0,2.72911 2.25,-2.04935 c 4.82055,-4.39066 9.45147,-5.34512 15.57566,-3.21021 l 3.12411,1.08907 -2.09781,4.16093 c -2.66467,5.2853 -2.30835,5.02223 -4.91378,3.62784 -1.70642,-0.91325 -3.14038,-0.9233 -6.07982,-0.0426 -6.57441,1.96975 -7.27424,4.45823 -7.68471,27.32571 l -0.35451,19.75 -4.44095,0 c -2.65957,0 -4.63578,-0.50768 -4.92664,-1.26565 z m 94.53873,1.01565 c -0.005,-0.1375 -0.11785,-21.9625 -0.25,-48.50001 l -0.24028,-48.25 4.75,0 4.75,1e-5 0,23.67431 0,23.67432 2.26365,-2.12659 c 9.99558,-9.39036 28.15462,-5.18478 31.6277,7.32488 0.62983,2.26859 1.09987,12.60537 1.10307,24.25787 l 0.006,20.30479 -4.75,-0.30479 -4.75,-0.30479 -0.5,-20.5 c -0.54213,-22.22729 -0.94343,-23.9055 -6.24115,-26.09989 -3.61271,-1.49643 -10.35201,-0.57827 -12.93885,1.76278 -4.65708,4.21461 -5.21949,6.86683 -5.63787,26.58711 l -0.39778,18.75 -4.39218,0 c -2.41569,0 -4.39654,-0.1125 -4.40189,-0.25 z M 303.66469,490.4907 c -2.12332,-3.03146 -1.9542,-6.37999 0.4433,-8.77749 5.23837,-5.23837 14.30552,0.75798 10.9057,7.21223 -1.61555,3.06696 -2.81793,3.75433 -6.599,3.77246 -2.17782,0.0104 -3.68833,-0.69145 -4.75,-2.2072 z"
id="path3070"
inkscape:connector-curvature="0" />
</g>
</svg>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="328.1507"
height="289.39661"
id="svg2"
version="1.1"
inkscape:version="0.48.5 r10040"
sodipodi:docname="event.svg">
<defs
id="defs4" />
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.4109375"
inkscape:cx="97.951191"
inkscape:cy="185.99008"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:window-width="1918"
inkscape:window-height="1180"
inkscape:window-x="1680"
inkscape:window-y="18"
inkscape:window-maximized="0" />
<metadata
id="metadata7">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-157.68665,-289.88113)">
<rect
style="fill:#000000;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775"
width="328.1506"
height="69.246086"
x="157.68665"
y="289.88113" />
<rect
style="fill:#3e4041;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3806"
width="2.8349946"
height="0.70874864"
x="476.98782"
y="163.60693"
transform="translate(159.46843,334.98233)" />
<rect
style="fill:#8c8c8c;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775-3"
width="199.86711"
height="44.029999"
x="285.97021"
y="359.12732" />
<rect
style="fill:#a0a0a0;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775-0"
width="139.62347"
height="44.029999"
x="346.21384"
y="403.15741" />
<rect
style="fill:#b4b4b4;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775-5"
width="106.31229"
height="44.029999"
x="379.52502"
y="447.18753" />
<rect
style="fill:#c8c8c8;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775-31"
width="88.593575"
height="44.029999"
x="397.24374"
y="491.21762" />
<rect
style="fill:#dcdcdc;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect3775-8"
width="51.029896"
height="44.029999"
x="434.8074"
y="535.24774" />
<text
xml:space="preserve"
style="font-size:36px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;line-height:125%;letter-spacing:0px;word-spacing:0px;fill:#000000;fill-opacity:1;stroke:none;font-family:Gibson;-inkscape-font-specification:Gibson"
x="477.32486"
y="339.71542"
id="text2985"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
x="477.32486"
y="339.71542"
id="tspan2989"
style="font-size:56px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;fill:#ffffff;fill-opacity:1;stroke:none;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor">événement</tspan><tspan
sodipodi:role="line"
x="477.32486"
y="389.81851"
id="tspan2993"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;fill:#000000;fill-opacity:1;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor">timestamp</tspan><tspan
sodipodi:role="line"
x="477.32486"
y="434.81851"
id="tspan2995"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor">service</tspan><tspan
sodipodi:role="line"
x="477.32486"
y="479.81851"
id="tspan2999"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor">state</tspan><tspan
sodipodi:role="line"
x="477.32486"
y="524.81854"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor"
id="tspan3005">host</tspan><tspan
sodipodi:role="line"
x="477.32486"
y="569.81854"
id="tspan3001"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:end;text-anchor:end;font-family:TeX Gyre Adventor;-inkscape-font-specification:TeX Gyre Adventor">ttl</tspan></text>
</g>
</svg>
![riemann dashboard](all-logos.svg)
# Le CCIN2P3 traite 1 milliards d'événements techniques par jour
## Journaux ou "logs"
Une infrastructure comme celle du CCIN2P3 comporte un grand nombre
de serveurs, d'équipements réseau, d'appareillages électriques et
climatiques afin de remplir sa mission de fournisseur d'infrastructure aux
laboratoires et à la grille. Tous ces éléments génèrent un grand
nombre de messages et d'informations techniques sur leur fonctionnement
que l'on appelle respectivement *journaux* (*"logs"* en anglais) et
*métriques*. Si l'on compte le nombre d'événements que produisent les
400'000 points de mesures, 2000 serveurs, 200 alimentations intelligentes,
50 climatiseurs et 10 onduleurs connectés, sans oublier le générateur,
on arrive à près d'**un milliard par jour**.
La nouvelle infrastructure de gestion d'événements qui est à l'étude depuis près d'un an permet
de traiter de manière semi-automatique ce flux d'informations à destination des personnels techniques du CCIN2P3.
Elle répond efficacement et avec une faible latence aux pannes logicielles et matérielles qui se présentent.
En outre, un certain nombre de journaux doivent être conservés légalement pendant un an.
## Exemple: Un disque dur tombe en panne
Pour mieux comprendre la fonction du système, suivons le chemin d'un événement
à travers la nouvelle infrastructure. Un disque dur système d'un serveur tombe en panne: le
système d'exploitation *Linux* qui gère cet équipement est alerté
par l'électronique de la pièce par l'intermédiaire du pilote noyau
correspondant. Un événement est reçu par le logiciel de collecte des
événements *rsyslogd* du serveur. Voici son contenu sous forme brute:
```syslog
2014-05-30T14:34:53 node01 ata2.00: exception Emask 0x0 SAct 0xffff SErr 0x0 action 0x0
```
L'événement est ensuite transféré sur un analyseur distant via le
protocole *syslog*. L'événement est ensuite normalisé selon un paradigme
commun afin de figurer dans un catalogue intelligible. C'est le composant
*patterndb* du logiciel *syslog-ng* [1] qui s'occupe de cette tâche: il transforme les informations textuelles du message d'origine en structure de données. Chaque
événement se voit assigner au moins cinq valeurs caractéristiques:
* l'**horodatage** précis
* le **service** caractérisant le composant
* son **état** de santé
* l'**hôte** dont il émane
* sa **date de péremption**.
![riemann dashboard](event.svg)
Ces quatre valeurs fondamentales
ont pour fonction notamment de permettre à l'opérateur humain de discerner
clairement les symptômes de pannes éventuelles, et de classifier les
flux d'événements. Voici la forme normalisée de
notre événement:
```json
{
"timestamp": "2014-05-30T14:34:53",
"host": "node01",
"service": "kernel-drivers/ata-2.00",
"state": "warning",
"ttl": 300
"kernel": {
"type": "exception",
"emask": "0x0",
"sact": "0xffff",
"serr": "0x0",
"action": "0x0"
}
}
```
## Et Ensuite?
L'étape suivante de sa vie est le transfert
simultané vers d'autres systèmes de traitement: analyse
synchrone, stockage et indexation, alerte, etc.
Le système d'analyse synchrone, implémenté
grâce au logiciel *Riemann* [2], permettra à un opérateur humain de
visualiser en **temps-réel** le flux d'événements, par exemple en affichant
dans un navigateur web les événements dont l'état est jugé important.
La latence de ce genre de visualisation est très faible (de l'ordre de quelques millisecondes) et permet un temps de réaction très rapide. Il est notamment utilisé dans la *control room* du CCIN2P3.
![riemann dashboard](riemann-dash.png)
L'autre système vers lequel
les messages sont transférés permet de les enregistrer de manière
semi-permanente gràce au logiciel *Elasticsearch* [3]. Ce moteur de recherche distribué permet d'indexer les données de manière très ciblée, et permet de trouver des incidents parmi des millions en une fraction de secondes. Il est livré avec un interface graphique très puissant (*Kibana*) qui permet à l'opérateur d'explorer les journaux de manière intuitive, et notamment de faire une analyse post-incident extrêmement efficace.
![riemann dashboard](kibana.png)
D'autres systèmes sont également consommateurs d'un sous-ensemble des événements traités par *syslog-ng*, il s'agit par exemple de la messagerie, et de *Nagios* [4] qui est le système central de gestion des alarmes au CCIN2P3.
## Références
[1] http://syslog-ng.org
[2] http://riemann.io
[3] http://elasticsearch.org
[4] http://www.nagios.org
This diff is collapsed.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="198.44962"
height="99.2248"
id="svg3950"
version="1.1"
inkscape:version="0.48.5 r10040">
<defs
id="defs3" />
<sodipodi:namedview
inkscape:document-units="mm"
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0.0"
inkscape:pageshadow="2"
inkscape:zoom="1.4109375"
inkscape:cx="178.48285"
inkscape:cy="-149.05871"
inkscape:current-layer="layer1"
showgrid="false"
units="mm"
fit-margin-top="0"
fit-margin-left="0"
fit-margin-right="0"
fit-margin-bottom="0"
inkscape:window-width="1918"
inkscape:window-height="1180"
inkscape:window-x="1680"
inkscape:window-y="18"
inkscape:window-maximized="0" />
<metadata
id="metadata4">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(-171.51715,-284.07867)">
<rect
style="fill:#820007;fill-opacity:1;fill-rule:nonzero;stroke:none"
id="rect4059"
width="198.44962"
height="99.2248"
x="171.51715"
y="284.07867" />
<image
y="303.19107"
x="190.74196"
id="image4056"
xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAKAAAAA9CAYAAAAqN2KwAAAABHNCSVQICAgIfAhkiAAAB/dJREFU
eJztnWusVcUVx38X8CpeFVERg8YXiBAbQQ2+U6OWi1q1mpT6QUNtBGt9oDExPqJBjX7RqjFGrUqr
4qMSLUESbC2mCjY+Ynw0ta21FFF8EUv1Isj7bj+se+J2Zs0+s2fPuZtzmV+yw2WdmTWz7/mfmVlr
Zt9DVp6vsyz7Z5Zlz2dZNjvLstOyLKPJNVHxs95RdnlAnxo8ovg7WinXm2XZeI9+u663FZ+/Kenj
oIL7mFTS1xWKj6+yLBvlWX+9Un+iUu4ppdy7WZZ1erQxTrvRQZRnJ2A80A1cACwE3gKmBPiqiw7g
8sC6PwQmRujDaQWv/TiC/2HAvRH8NOMQ4NrQyiEC1DgMWND3b7swDdgtoF6ocE2KRBZDgABnAVMj
+SriOkSIpYklQIBOYC7QFdFnKxkK/LJknf2An0RouwsZSV0cAewVoR2Aewj7oJWhE/gtAXoa4rDf
CKx0vDYYGAFMBo41XjsIOAZ4oWxHmjAD+KtHuZ6Sfi8Bfg1s8ix/KXL/VTkZ2L7g9Q7gVODhCG2N
BO4AfhHBVxFHAZcBd5ep5BLgXOC9JnVvBOYBZxv2HxBfgB979CeEvZEp6kmPsl3A9EjtmlPsSuTD
M9YoE0OAAOcj97gokj8XtwLPAst9K1SdgrU3LmgtUCNXeJabBuwaqU0zAFkCLDZs3cB2kdoDeJDW
L4+6+trxpqoAVym2nSv67G8mAcc1KdMBzIzU3qHAPoZtMbYAd6Z4nViW/YFbIvpzMRn4uW/hqgLM
KtbfWmg2Ck4BxkVqS0u/aAKEeNFwg5nIWq3V3ImsPZtSVYAxp4hm7ezgcYX252wkwnURK/UCtqhW
Af9A1rkfNClbhleAFYZtEBKtdlbwazIf2GDYdkOi76ZUFeABik2blquyAFjncT0U6H8wEsFpHEy8
JPtwJEuQ52W+m0nMUXAsMCawra+BXyn2SoljhX8DNyv2qXikrKoIcB/gasX+fgWf/UUP8F/DNh3Z
5TGZiawB87wV2G43dhpniePnBlVGwYXogWJw4tjBbcDfFPt9yI6Mk6I84FeO13ZA0hfH9/2cJyN+
CqZVPIbcZ4NhSK4sP3Xsir2gfg94Azg8oE1NTIsdP+frlMqtGVyOCH+PnK0TmI0EX70VfDfYjGzL
vs73P2CjgNuBC10VXQI8J7AjC5D1TDswB5jF90e3mcj+aeNNuQA7dfEoElGWZRBwimHrAd7J/X8Z
shbMR8knICPzmoA2Af6HiPAJw340AYnjAt5Ego+rDPt0ZBT+XKsUcyvuffQ1Rww2IQvdZpfvjgbI
gt/cXRkDnN7382Bk5yNPL/B4mY7nmITsIOV5DRmN8oHUK0aZTuBHgW02eBJ4TrHfStiHycUsYKlh
60DW5kO1CjEE2As8A5wEfBbBn8aZ+EXBM0r6fVSxNVIyZ2K/OX9BRqgQtPTLFOxA6mdKuRjpmIuQ
wCRPF/BABN8N1iHTrZmeGwPcpFVwCXAj+gijrRcuRiKeT8r3t3aeRn5peU4EJqCnXuZUaKuKiIqO
bvmyArhGsXdTvC9dlheR9aXJGVphlwAnoI8w2l7oRdhRYruwGsljmdyPrL3yrEH2vkMYSVjQ0mAU
cY663Y/foY6qXAV86lOw7BQ8BzvNMhH4aUk/WxPaqGbm6gD+AKwNbONUqn9IY0zDGTKImInj2PQg
J42aUlaAW5CFpslNAb62Fhbht3bV1ou+aOIpCqw2evoIwZU4js18ZIlTSIho5gJ/N2zjgXMDfPky
DkkbNLtGB/jegp2iMPkIeCnAN0iqa7JiH4c7mBqB5NbyHIkdRYfiShzH5jLgy6ICIQLMgBsU+yzc
ecWq3AW86nFp/fKh2ej2GOEHL47H3g1YiuT8XKzGTsdoecRQGonjLZH8uVgJXFlUIHTafBbZDcgz
mtafum0V7wJvF7xeJfrVItjnPer9UbGdrthCaSSOW80jFByErbJuu16x3UDckL4/cY2Cr1Ftf1tb
u/kI8E+KrZu4s8ws7D3xVnAhjgBuCPpzFD5D85/7rvz5sl2A85AjP6Y/s531Dr+rHX3y4RvFtlnx
p/n/PfIBMt/g3znaMX1obe+NpFDyZTchubJmvAP8B9gzZ+tAdlReNcpuUPrjs3W3Dknez8OO0jUN
rFXaMfOoGsuRAxBW8NORZQPlTGmiHWnX1EligJAEmKiVJMBErSQBJmolCTBRK0PQHzdchr4faTIC
2N2wrcY+CbE99gNMvej5tdHYT7etwM4j7Yn9N096sPd1h2I/8bYFSXGYjMFOw3yEnWIZiTxglOdL
7D9nsiOwr2HbjH1o08V+2Ac5P8NOhQzHfgxyDf5nF8diD0YfYB9aGIWk2vKsAr7waKMTONA0DlEa
Bv+TGx1KfZc/0+5qY5BnWd9yrj7Fbtv3vsvMOr79qdrOYMVv1d+5idbHNAUn6iUJMFErSYCJWkkC
TNRKEmCiVpIAE7WSBJiolSTARK0kASZqJQkwUStJgIlaSQJM1EoSYKJWWvUgeX+wEve3OW0trAX+
VaH+csU2oJ4ia2cBtssbUaWf7XKPwaQpOFErSYCJWkkCTNRK1TXgF/g9D9AuaM+JDPh1GPo3kca+
7w0oAVlVAQ60N2eg3Y8v/XXfVjtpCk7UShJgolaSABO10s6J6MR3/L/vajWhX9LjJAkwjI3Yfy3B
5y9JJAy2BQFuAD40bFWjvlW05nuRtzm2BQH2Ev4FM4kWk4KQRK18Cw+jkbQ8iJs0AAAAAElFTkSu
QmCC
"
height="61"
width="160" />
</g>
</svg>
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="513.22406"
height="186.77086"
id="svg3950"
version="1.1"
inkscape:version="0.48.5 r10040"
sodipodi:docname="all-logos.svg">
<defs
id="defs3">
<inkscape:perspective
id="perspective4415"
inkscape:persp3d-origin="372.04724 : 350.78739 : 1"
inkscape:vp_z="744.09448 : 526.18109 : 1"
inkscape:vp_y="0 : 1000 : 0"
inkscape:vp_x="0 : 526.18109 : 1"
sodipodi:type="inkscape:persp3d" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2626"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
id="linearGradient4627">
<stop
id="stop4629"
offset="0"
style="stop-color:#000000;stop-opacity:0" />
<stop
id="stop4631"
offset="1"
style="stop-color:#000000;stop-opacity:0" />
</linearGradient>
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2628"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2630"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2632"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2634"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2636"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2638"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2640"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2642"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2644"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2646"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2648"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2650"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2652"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2654"
xlink:href="#linearGradient4627"
inkscape:collect="always" />
<linearGradient
y2="292.36218"
x2="250"
y1="467.36218"
x1="80.5327"
gradientUnits="userSpaceOnUse"
id="linearGradient2656"
xlink:href="#linearGradient4627"