[Doc] database auto-update and database metrics#187
[Doc] database auto-update and database metrics#187kaisecheng merged 4 commits intologstash-plugins:masterfrom
Conversation
docs/index.asciidoc
Outdated
|
|
||
| ==== Database Metrics | ||
|
|
||
| You can monitor database status through https://www.elastic.co/guide/en/logstash/current/node-stats-api.html#node-stats-api[Node Stats API] |
There was a problem hiding this comment.
please correct me on how to link the plugin doc to logstash doc
There was a problem hiding this comment.
| You can monitor database status through https://www.elastic.co/guide/en/logstash/current/node-stats-api.html#node-stats-api[Node Stats API] | |
| You can monitor database status through {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API] |
| The following request returns a JSON document containing database manager stats, | ||
| including: | ||
|
|
||
| * the database status and freshness | ||
| ** `geoip.database.*.status` | ||
| *** `init` : initial CC database status | ||
| *** `healthy` : using up-to-date EULA database | ||
| *** `to_be_expired` : 25 days without calling service | ||
| *** `expired` : 30 days without calling service | ||
| ** `fail_check_in_days` : number of days Logstash fails to call service since the last success | ||
| * info about download successes and failures | ||
| ** `geoip.download.successes` number of successful checks and downloads | ||
| ** `geoip.download.failures` number of failed check or download | ||
| ** `geoip.download.status` | ||
| *** `checking` : check and download at the moment | ||
| *** `succeeded` : last download succeed | ||
| *** `failed` : last download failed | ||
|
|
||
| [source,js] | ||
| -------------------------------------------------- | ||
| curl -XGET 'localhost:9600/_node/stats/geoip?pretty' | ||
| -------------------------------------------------- | ||
|
|
||
| Example response: | ||
|
|
||
| [source,js] | ||
| -------------------------------------------------- | ||
| { | ||
| "geoip" : { | ||
| "database" : { | ||
| "ASN" : { | ||
| "status" : "healthy", | ||
| "fail_check_in_days" : 0, | ||
| "download_at": "2021-06-21T16:06:54+02:00" | ||
| }, | ||
| "City" : { | ||
| "status" : "healthy", | ||
| "fail_check_in_days" : 0, | ||
| "download_at": "2021-06-21T16:06:54+02:00" | ||
| } | ||
| }, | ||
| "download" : { | ||
| "successes" : 15, | ||
| "failures" : 1, | ||
| "last_check_at" : "2021-06-21T16:07:03+02:00", | ||
| "status" : "succeeded" | ||
| } | ||
| } | ||
| } | ||
| -------------------------------------------------- | ||
|
|
There was a problem hiding this comment.
would like to know your opinion on whether this part should belong to Node State API or stay in plugin
There was a problem hiding this comment.
geoip metrics only appear when user uses geoip plugin
There was a problem hiding this comment.
Another good example. Thank you. ❤️
Your instincts are right. I believe this info provides the most user benefit here.
If you would like, we can set up a heading/section in the Node Stat API docs to expose this info. Rather than repeating the info, we can point them here. LMKWYT or if you'd like for me to set this up.
karenzone
left a comment
karenzone
left a comment
There was a problem hiding this comment.
More nice document with good examples, @kaisecheng. Thank you. ❤️
I left some comments in line and offered a suggestion for sharing this info with Node Stats. Let me know how I can help from here.
| The Logstash open source distribution uses the MaxMind Creative Commons license | ||
| database by default. | ||
|
|
||
| ==== Database Auto-update |
There was a problem hiding this comment.
| ==== Database Auto-update | |
| [id="plugins-{type}s-{plugin}-database_auto"] | |
| ==== Database Auto-update |
docs/index.asciidoc
Outdated
| This plugin embedded with Creative Commons (CC) license databases. | ||
| When Logstash works in air-gapped enviornment, CC license databases can be used indefinitely. | ||
| Logstash checks database update every day. It downloads the latest and can replace the old database on-the-fly. | ||
| Once it downloads EULA license databases, it will not fallback to CC license databases. |
There was a problem hiding this comment.
| This plugin embedded with Creative Commons (CC) license databases. | |
| When Logstash works in air-gapped enviornment, CC license databases can be used indefinitely. | |
| Logstash checks database update every day. It downloads the latest and can replace the old database on-the-fly. | |
| Once it downloads EULA license databases, it will not fallback to CC license databases. | |
| This plugin bundles Creative Commons (CC) license databases. | |
| In air-gapped environments, Logstash can use CC license databases indefinitely. | |
| Logstash checks for database updates every day. It downloads the latest and can replace the old database while the plugin is running. | |
| After Logstash downloads EULA license databases, it will not fallback to CC license databases. |
There was a problem hiding this comment.
WRT "on-the-fly." I offered a suggestion, but I'm not sure if it's correct. Ideally, we should explain exactly how this works.
docs/index.asciidoc
Outdated
| the geoip filter will stop enriching events in order to maintain compliance. | ||
| Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation. | ||
|
|
||
| NOTE: We recommend you allow Logstash to access internet to download databases |
There was a problem hiding this comment.
| NOTE: We recommend you allow Logstash to access internet to download databases | |
| Tip: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date. |
|
|
||
| NOTE: We recommend you allow Logstash to access internet to download databases | ||
|
|
||
| ==== Database Metrics |
There was a problem hiding this comment.
| ==== Database Metrics | |
| [id="plugins-{type}s-{plugin}-metrics"] | |
| ==== Database Metrics |
docs/index.asciidoc
Outdated
|
|
||
| ==== Database Metrics | ||
|
|
||
| You can monitor database status through https://www.elastic.co/guide/en/logstash/current/node-stats-api.html#node-stats-api[Node Stats API] |
There was a problem hiding this comment.
| You can monitor database status through https://www.elastic.co/guide/en/logstash/current/node-stats-api.html#node-stats-api[Node Stats API] | |
| You can monitor database status through {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API] |
docs/index.asciidoc
Outdated
| The following request returns a JSON document containing database manager stats, | ||
| including: | ||
|
|
||
| * the database status and freshness |
There was a problem hiding this comment.
| * the database status and freshness | |
| * database status and freshness |
| The following request returns a JSON document containing database manager stats, | ||
| including: | ||
|
|
||
| * the database status and freshness | ||
| ** `geoip.database.*.status` | ||
| *** `init` : initial CC database status | ||
| *** `healthy` : using up-to-date EULA database | ||
| *** `to_be_expired` : 25 days without calling service | ||
| *** `expired` : 30 days without calling service | ||
| ** `fail_check_in_days` : number of days Logstash fails to call service since the last success | ||
| * info about download successes and failures | ||
| ** `geoip.download.successes` number of successful checks and downloads | ||
| ** `geoip.download.failures` number of failed check or download | ||
| ** `geoip.download.status` | ||
| *** `checking` : check and download at the moment | ||
| *** `succeeded` : last download succeed | ||
| *** `failed` : last download failed | ||
|
|
||
| [source,js] | ||
| -------------------------------------------------- | ||
| curl -XGET 'localhost:9600/_node/stats/geoip?pretty' | ||
| -------------------------------------------------- | ||
|
|
||
| Example response: | ||
|
|
||
| [source,js] | ||
| -------------------------------------------------- | ||
| { | ||
| "geoip" : { | ||
| "database" : { | ||
| "ASN" : { | ||
| "status" : "healthy", | ||
| "fail_check_in_days" : 0, | ||
| "download_at": "2021-06-21T16:06:54+02:00" | ||
| }, | ||
| "City" : { | ||
| "status" : "healthy", | ||
| "fail_check_in_days" : 0, | ||
| "download_at": "2021-06-21T16:06:54+02:00" | ||
| } | ||
| }, | ||
| "download" : { | ||
| "successes" : 15, | ||
| "failures" : 1, | ||
| "last_check_at" : "2021-06-21T16:07:03+02:00", | ||
| "status" : "succeeded" | ||
| } | ||
| } | ||
| } | ||
| -------------------------------------------------- | ||
|
|
There was a problem hiding this comment.
Another good example. Thank you. ❤️
Your instincts are right. I believe this info provides the most user benefit here.
If you would like, we can set up a heading/section in the Node Stat API docs to expose this info. Rather than repeating the info, we can point them here. LMKWYT or if you'd like for me to set this up.
|
@karenzone Setting up heading/section in the Node Stat API and pointing them to here sounds the right way. Because it avoids confusion of reading geoip metrics in Node Stat API doc but seeing nothing return when the pipeline doesn't involve geoip plugin. |
karenzone
left a comment
karenzone
left a comment
There was a problem hiding this comment.
Very minor suggestions for your consideration. Otherwise, LGTM 🎉
docs/index.asciidoc
Outdated
| the geoip filter will stop enriching events in order to maintain compliance. | ||
| Events will be tagged with `_geoip_expired_database` tag to facilitate the handling of this situation. | ||
|
|
||
| Tip: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date. |
There was a problem hiding this comment.
| Tip: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date. | |
| TIP: When possible, allow Logstash to access the internet to download databases so that they are always up-to-date. |
There was a problem hiding this comment.
All caps required to trigger the special "tip" formatting.
docs/index.asciidoc
Outdated
| [id="plugins-{type}s-{plugin}-metrics"] | ||
| ==== Database Metrics | ||
|
|
||
| You can monitor database status through {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API] |
There was a problem hiding this comment.
| You can monitor database status through {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API] | |
| You can monitor database status through the {logstash-ref}/node-stats-api.html#node-stats-api[Node Stats API]. |
3 participants
This PR adds more details on how database update behaves and explains how to use database metrics