From 00c2cde45122d3d69c58cf7152d92650d571936e Mon Sep 17 00:00:00 2001 From: Mihaela Gheorghe Date: Mon, 2 Dec 2024 11:50:05 +0100 Subject: [PATCH 1/4] docs: delete kibana-examples.md --- docs/logging/kibana-examples.md | 100 -------------------------------- 1 file changed, 100 deletions(-) delete mode 100644 docs/logging/kibana-examples.md diff --git a/docs/logging/kibana-examples.md b/docs/logging/kibana-examples.md deleted file mode 100644 index 928c29abba..0000000000 --- a/docs/logging/kibana-examples.md +++ /dev/null @@ -1,100 +0,0 @@ -# Kibana Examples - -Have you seen [the Kibana getting started video](https://www.elastic.co/webinars/getting-started-kibana) and are now ready to work with logs? We are here to help! This page will give you examples of Kibana queries you can use. This is not a Kibana 101 class, but it can help you understand some of what you can do in Kibana. - -Ready to get started? Good! - -!!! Note - Make sure that you have selected your tenant before starting! You can do that by on the `Tenant` icon on the left-hand menu. Once you have selected your tenant, click on the `Discover` icon again to get started. - -## Router Logs - -Below you'll find examples for two common log requests: - -* Viewing the total number of hits/requests to your site. -* Viewing the number of hits/requests from a specific IP address. - -### Total Number of hits/requests to your site - -* Let's start Kibana up and select `Discovery` (#1 in screen shot below) -* Then the router logs for your project(#2). -* From there, we will filter some of this information down a bit. Let's focus on our main production environment. -* In the search bar (#3), enter: - - `openshift_project: "name of your production project"` - -* This will show you all the hits to your production environment in the given time frame. -* You can change the time frame in the upper right hand corner (#4). -* Clicking on the arrow next to the entry (#5) will expand it and show you all the information that was captured. -* You can add any of those fields to the window by hovering over them and clicking add on the left hand side (#6). -* You can also further filter your results by using the search bar. - -![How to get the total number of hits/requests to your site in Kibana.](../images/kibana_example1.png) - -### Number of hits/requests from a specific IP address - -Running the query above will give you a general look at all the traffic to your site, but what if you want to narrow in on a specific IP address? Perhaps you want to see how many times an IP has hit your site and what specific pages they were looking at. This next query should help. - -We are going to start off with the same query as above, but we are going to add a couple of things. - -* First, add the following fields: `client_ip` and `http_request`. -* This will show you a list of all IP addresses and the page they requested. Here is what we see for the amazee.io website: - -![All IP addresses and the page they requested.](../images/kibana_example2.png) - -That looks good, but what if we wanted to just show requests from a specific IP address? You can filter for the address by adding it to your search criteria. - -* We are going to add: `AND client_ip: "IP address"`. -* That will filter the results to just show you hits from that specific IP address, and the page they were requesting. Here is what it looks like for our amazee.io website: - -![Hits from a specific IP address.](../images/kibana_example3.png) - -## Container Logs - -Container logs will show you all `stout` and `sterr` messages for your specific container and project. We are going to show an example for getting logs from a specific container and finding specific error numbers in that container. - -### Logs from a container - -Want to see the logs for a specific container (php, nginx, etc)? This section will help! Let's focus on looking at NGINX logs. - -* We start by opening up Kibana and selecting Discover (#1 in the screen shot below). -* From there, we select the container logs for our project (#2). -* Let's go to the search bar (#3) and enter: `kubernetes.container_name: "nginx"` -* This will display all NGINX logs for our project. -* Clicking on the arrow next to an entry (#4) will expand that entry and show you all of the information it gathered. -* Let's add the message field and the level field to the view. You can do that by clicking on "Add" on the left hand side (#5). -* You can change the time frame in the upper right hand corner of the screen (#6), in the example below I'm looking at logs for the last 4 hours. - -![](../images/kibana_example4.png) - -### Specific errors in logs - -Want to see how many 500 Internal Server errors you've had in your NGINX container? You can do that by changing the search query. If you search: - -`kubernetes.container_name: "nginx" AND message: "500"` - -That will only display 500 error messages in the NGINX container. You can search for any error message in any container that you would like! - -## Visualization - -Kibana will also give you the option to create visualizations or graphs. We are going to create a chart to show number of hits/requests in a month using the same query we used above. - -1. Click on Visualize on the left hand side of Kibana. -2. Click on the blue plus sign. -3. For this example, we are going to select a Vertical Bar chart. -4. Select the router logs for your project. -5. Click on X-Axis under Buckets and select Date Histogram, with the interval set to daily -6. Success!! You should now see a nice bar graph showing your daily traffic. - -!!! Note - Make sure that you select an appropriate time frame for the data in the upper right hand corner. - -Here is an example of a daily hits visualization chart: - -![Daily hits visualization chart.](../images/kibana_example5.png) - -Also note that you can save your visualizations (and searches)! That will make it even faster to access them in the future. And because each account has their own Kibana Tenant, no searches or visualizations are shared with another account. - -## Troubleshooting - - From 6a49af8ea4aa01ad0e0cbd64a2193aa3313d8db4 Mon Sep 17 00:00:00 2001 From: Mihaela Gheorghe Date: Fri, 6 Dec 2024 09:59:21 +0100 Subject: [PATCH 2/4] docs: modified mkdocks.yml --- mkdocs.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/mkdocs.yml b/mkdocs.yml index 935e5c75fa..a3fffe1ade 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -123,7 +123,6 @@ nav: - Role-Based Access Control (RBAC): interacting/rbac.md - Understanding Logs: - Logging: logging/logging.md - - Kibana Examples: logging/kibana-examples.md - Installing Lagoon: - Requirements: installing-lagoon/requirements.md - Bulk storage Provisioner: installing-lagoon/bulk-storage-provisioner.md @@ -498,3 +497,5 @@ plugins: 'drupal/services/solr-drupal.md': 'applications/drupal/services/solr.md' 'drupal/services/varnish-drupal.md': 'applications/drupal/services/varnish.md' 'installing-lagoon/efs-provisioner.md': 'installing-lagoon/bulk-storage-provisioner.md' + # December 2024 reorganization redirects + 'logging/kibana-examples.md': 'logging/logging.md' From 4a34c8797f6664e70f3e4ea2fd08fe49ad90665a Mon Sep 17 00:00:00 2001 From: Mihaela Gheorghe Date: Mon, 9 Dec 2024 09:37:07 +0100 Subject: [PATCH 3/4] docs: take out kibana details from logging.md --- docs/logging/logging.md | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/docs/logging/logging.md b/docs/logging/logging.md index 02b237d20c..3a400122bd 100644 --- a/docs/logging/logging.md +++ b/docs/logging/logging.md @@ -1,6 +1,6 @@ # Logging -Lagoon provides access to the following logs via Kibana: +Lagoon provides access to the following logs: * Logs from the Kubernetes Routers, including every single HTTP and HTTPS request with: * Source IP @@ -31,10 +31,5 @@ Lagoon provides access to the following logs via Kibana: * Ensure logs are structured as JSON encoded objects. * Ensure the `type` field contains the name of the Kubernetes namespace (`$LAGOON_PROJECT-$LAGOON_ENVIRONMENT`). -To access the logs, please contact {{ defaults.helpstring }} to get the URL for the Kibana route. -Each Lagoon user account has their own login and will see the logs only for the projects to which they have access. -Each Lagoon user account also has their own **Kibana Tenant**, which means no saved searches or visualizations are shared with another account. - -If you would like to know more about how to use Kibana: [https://www.elastic.co/webinars/getting-started-kibana](https://www.elastic.co/webinars/getting-started-kibana). From 9dca92473b3e98f531ba8c2bd8b911d704baf7a4 Mon Sep 17 00:00:00 2001 From: Mihaela Gheorghe Date: Tue, 10 Dec 2024 09:41:26 +0100 Subject: [PATCH 4/4] docs: fix redirect for logging --- mkdocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkdocs.yml b/mkdocs.yml index a3fffe1ade..6784047924 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -415,7 +415,7 @@ plugins: 'lagoon/drupal/services/varnish.md': 'applications/drupal/services/varnish.md' 'lagoon/drupal/step-by-step-getting-drupal-ready-to-run-on-lagoon.md': 'applications/drupal/step-by-step-getting-drupal-ready-to-run-on-lagoon.md' 'lagoon/drupal/subfolders.md': 'applications/drupal/subfolders.md' - 'lagoon/logging/kibana-examples.md': 'logging/kibana-examples.md' + 'lagoon/logging/kibana-examples.md': 'logging/logging.md' 'lagoon/logging/logging.md': 'logging/logging.md' 'lagoon/resources/faq.md': 'resources/faq.md' 'lagoon/resources/glossary.md': 'resources/glossary.md'