Elasticsearch

Installation

1. If you have not already done so, Download the FRINX ODL distribution and install it
2. Install Elasticsearch – download the zip file, then unpackage it by opening a terminal, going to the directory where the download file is, and typing

In the unpackaged folder, start elasticsearch with

3. Install Kibana – download the version appropriate to your system. For the Linuz-64 bit tar.gz download file, unpackage it with

In the unpackaged folder, start kibana with

4. Install logstash – which we’ll use for collecting and parsing log files. It can transform an unstructured log into something meaningful and searchable.

For the Linuz-64 bit tar.gz download file, unpackage it with

Configuration

The base configuration is to use log4j socket listener for Logstash and the log4j socket appender in ODL Frinx.

Configure Log4j

In the Frinx ODL distribution, go to your /etc directory.

Backup your old Log4j config if it exists:

Now open org.ops4j.pax.logging.cfg in a text editor.

At the top of the file, under ‘Root logger’ you will see the following lines:

log4j.rootLogger=INFO, async, osgi:*

log4j.category.org.apache.karaf.features=DEBUG log4j.category.io.frinx=DEBUG log4j.category.org.opendaylight.controller.cluster=DEBUG log4j.category.org.opendaylight.netconf.sal.connect=DEBUG log4j.category.org.opendaylight.netconf.topology=DEBUG

Replace the first four of these lines with the following:

log4j.rootLogger= INFO, out,ELKTransform,osgi:*

log4j.appender.ELKTransform=org.apache.log4j.net.SocketAppender log4j.appender.ELKTransform.port=9500 log4j.appender.ELKTransform.remoteHost=127.0.0.1

Save the file.

Configure Logstash

We must now configure socket listener for Logstash.

From your logstash folder (the folder created from unpackaging the download file at the start of this guide), move into the config folder:

Create a blank file named logstash.conf

Enter the following into the file and save it. Parameters in [] are explained below:

For more info see: Getting started with Logstash and Log4j

We started elasticsearch and kibana after downloading (see the start of this guide).

We now need to start logstash. Move to your main logstash folder:

The start logstash with

Operation

We have already started elasticsearch, kibana, and logstash. Now start karaf as normal by going to your FRINX ODL Distribution main directory for example distribution-karaf-2.3.0.frinx.

Then type

All logging information is now logged to an Elasticsearch node though Logstash. This information can be analysed with Kibana. Open Kibana in a Web browser by going to http://localhost:5601

Other links
Elastic search products
Running Logstash and Elasticsearch in docker
How To Install Elasticsearch, Logstash, and Kibana (ELK Stack) on Ubuntu 14.04

Feature Guide
Feature introduced in FRINX 1.4.0 Elastic search module