I’ve a Raspberry Pi that I use for various things. I’m a big fan of these little boxes, but they can be temperamental. You end up fiddling around to get things installed and sometimes even a simple package update will leave the box a dead parrot. A couple weeks back, I was just running a regular update and my Pi died a horrible death. The upside with a Pi is you just re-image the disk and you’re back in business. The disks are small, the process simple. However, if you’ve customized things all that’s gone.
I decided to rebuild my Pi, after re-imaging it, using Ansible. Ansible is straightforward and easy to start up with. I’ve used it on and off over time and am proficient with it. In under an hour I had rebuilt my Pi, with all my customizations with an ansible playbook. It didn’t take much more effort than doing it by hand really, but I did feel like maybe I’d gone a bit far using ansible. Until the next morning that is. I’d forgotten a few security measures, and my Pi is accessible to the internet, and in less than half a day someone or some bot had gotten in and taken over. Sigh. Now the whole ansible decision seemed far wiser. I enhanced my playbook with the security changes, re-images, and reran, and the Pi was back and better in under twenty minutes.
Since that practical example, I’ve done everything on my Pi via ansible and had no regrets.
I wrote previously about using fluentd to collect logs as a quick solution until the “real” solution happened. Well, like many “temporary” solutions, it settled in and took root. I was happy with it, but got progressively more bored of coming up with elaborate command pipelines to parse the logs.
So in the best DevOps tradition, rather than solve the initial strategic problem, I came up with an another layer of paint to slap on as a tactical fix, and fluentsee was born. Fluentsee is written in Java, and lets you filter the logs, and print out different format outputs:
$ java -jar fluentsee-1.0.jar --help
Option (* = required) Description
--help Get command line help.
* --log <String: filename> Log file to use.
--match <String: field=regex> Define a match for filtering output. May pass in
--tail Tail the log.
--verbose Print verbose format entries.
So, for example, to see all the log entries from the nginx container, with a POST you would:
$ java -jar fluentsee-1.0.jar --log /fluentd/data.log \
--match 'json.container_name=.*nginx.*' --match 'json.log=.*POST.*'
The matching uses Java regex’s. The parsing isn’t wildly efficient but keeps up generally.
Grab it on Github
There’s a functional version now on github, and you can expect enhancements, as I continue to ignore the original problem and focus on the tactical patch.