Awesome! Thanks for the very helpful info. I didn't know about typeperf (or wmic which I'm now seeing). That plus ProcessInput can get me a long way for now, and I'm anxious to see what Windows Event Collector can do.
-Ali

On Wed Jan 14 2015 at 7:23:11 PM Tiru Srikantha <[email protected]> wrote:

> I'm using it on Windows (50/50 windows/linux boxes, most customer facing
> servers are Windows with management boxes as Linux due to the better ops
> tools on that platform) with no issues. It reads from a text log, parses it
> with Lua and then ships the resulting packet over the TLS TCP transport to
> a central aggregation server for stats tracking/transfer to
> Elasticsearch/InfluxDB. The central server also handles stuff like pulling
> from CloudWatch and S3 (ELB logs).
>
> Right now Heka doesn't have plugins for some platform-specific stuff such
> as Windows Event Logs or Performance Counters but I'm working on a sampler
> for perf counters that runs in Heka's ProcessInput
> (https://hekad.readthedocs.org/en/latest/config/inputs/index.html#processinput)
> and writes the data out to stdout using typeperf.exe. The data can then
> go through the normal parsing pathways and end up as message packets.
>
> An example of the data:
>
> Command: typeperf "\Memory\Available bytes" "\processor(_total)\% processor time"
>
> Stdout:
> "(PDH-CSV 4.0)","\\MYPC\Memory\Available bytes","\\MYPC\processor(_total)\% processor time"
> "01/14/2015 17:05:50.108","1807339520.000000","24.692840"
> "01/14/2015 17:05:51.109","1807540224.000000","17.999271"
> "01/14/2015 17:05:52.110","1807552512.000000","11.788940"
>
> It's pretty simple lpeg grammar to parse it using the SandboxDecoder, I
> just have to find time to sit down and write it.
>
> Event logs are a bit trickier but I think I can figure out something with
> the HTTP Input -> XML Decoder and Windows Event Collector forwarding to a
> heka process on the local host. We'll see.
>
> On Wed, Jan 14, 2015 at 5:03 PM, Ali <[email protected]> wrote:
>
>> Thanks, Rob!
>>
>> I was hoping to capture generic system information like CPU utilization,
>> memory consumption, the event log data, disk usage, etc. The rest is stuff
>> I can get from the file system.
>>
>> -Ali
>>
>> On Wed, Jan 14, 2015, 4:46 PM Rob Miller <[email protected]> wrote:
>>
>>> I don't currently know of any plugins that are specifically about
>>> pulling data in from Windows machines. That being said, only a few of our
>>> decoder plugins are tied to a specific platform, most should run on Windows
>>> w/ no problems. What is the specific data that you're trying to process?
>>>
>>> -r
>>>
>>>
>>> On 01/14/2015 01:50 PM, Ali wrote:
>>> > Hi there.
>>> >
>>> > I'm anxious to try out Heka at work. Most of the apps and hosts I would
>>> > use it with run Linux, but I was wondering what I would be able to get
>>> > by installing Heka on Windows hosts. Part of what I liked about Heka,
>>> > from what I have read so far, is how fast and simple (from a sysadmin
>>> > perspective) it is, so I'd hate to diminish its speed and simplicity by
>>> > going through too many gymnastics to implement it usefully on Windows.
>>> > Looking at the inputs and decoders I don't see how to use Heka to get
>>> > Windows data. (I've never used anything but Splunk to get Windows data
>>> > and that was virtually automatic.)
>>> >
>>> > I guess I could leave Heka as an agent/shipper for Linux hosts only and
>>> > use nxlog et al. to ship Windows logs to a central Heka node for processing?
>>> >
>>> > Thanks in advance,
>>> > Ali
>>> >
>>> > _______________________________________________
>>> > Heka mailing list
>>> > [email protected]
>>> > https://mail.mozilla.org/listinfo/heka
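The typeperf output quoted above, parsed into one record per counter sample. This is an added example and not code from the thread or from Heka: it is Python rather than the lpeg SandboxDecoder grammar the post mentions, and the name `parse_typeperf`, the record keys, the timestamp format and the status line in the sample are assumptions.

```python
import csv
import re
from datetime import datetime

# Constructed sample: the output quoted in the thread; the leading blank line
# and the trailing status line are assumed noise around the CSV rows.
SAMPLE = r'''
"(PDH-CSV 4.0)","\\MYPC\Memory\Available bytes","\\MYPC\processor(_total)\% processor time"
"01/14/2015 17:05:50.108","1807339520.000000","24.692840"
"01/14/2015 17:05:51.109","1807540224.000000","17.999271"
"01/14/2015 17:05:52.110","1807552512.000000","11.788940"
Exiting, please wait...
'''

# \\host\object(instance)\counter, where "(instance)" is optional.
COUNTER_PATH = re.compile(
    r'^\\\\(?P<host>[^\\]+)\\(?P<object>[^\\(]+)'
    r'(?:\((?P<instance>[^)]*)\))?\\(?P<counter>.+)$')

def parse_typeperf(text, ts_format="%m/%d/%Y %H:%M:%S.%f"):
    """Return one dict per counter value; unparsable values become None."""
    # Only quoted lines are CSV rows; anything else on stdout is skipped.
    rows = csv.reader(ln for ln in text.splitlines() if ln.startswith('"'))
    header = next(rows, None)
    if not header or not header[0].startswith("(PDH-CSV"):
        raise ValueError("missing PDH-CSV header row")
    counters = []
    for path in header[1:]:
        match = COUNTER_PATH.match(path)
        if match is None:
            raise ValueError("unexpected counter path: %r" % path)
        counters.append(match.groupdict())
    records = []
    for row in rows:
        if len(row) != len(header):
            continue  # truncated row, e.g. the process stopped mid-write
        when = datetime.strptime(row[0], ts_format)  # local time, no zone
        for meta, raw in zip(counters, row[1:]):
            try:
                value = float(raw)
            except ValueError:
                value = None  # keep the sample slot, flag the bad value
            records.append({**meta, "time": when, "value": value})
    return records

if __name__ == "__main__":
    for rec in parse_typeperf(SAMPLE):
        print(rec)
```

The timestamp has no zone and its layout depends on the Windows locale, so pass a matching `ts_format` and attach the host's zone before shipping records to a central server.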

