# Build Unified Logging Layer{background-color="black" background-image="https://www.fluentd.org/images/fluentd-website-banner-n.jpg" background-size="100%" background-opacity="0.5" background-position="top"}

## Unified Logging Layer
Fluentd decouples data sources from backend systems by providing a unified logging layer in between.

:::: {.columns}

::: {.fragment .column width="50%"}

**Before Fluentd**

![](https://www.fluentd.org/images/fluentd-before.png)
::: 

::: {.fragment .column width="50%"}

**After Fluentd**

![](https://www.fluentd.org/images/fluentd-architecture.png)
:::
::::

## Simple yet Flexible

:::: {.columns}

::: {.fragment .column width="50%"}

- Fluentd's 500+ [plugins](https://www.fluentd.org/plugins/all#input-output) connect it to many data sources and outputs while keeping its core simple.
- Plugins are written in Ruby and hosted in rubygems

::: 

::: {.fragment .column width="50%"}
![](http://fredericiana.com/media/wp/2012/05/rubygems.jpg)
[Source](http://fredericiana.com/2012/05/24/meme-ruby-gems/)
:::
::::



## Proven

:::: {.columns}

::: {.fragment .column width="50%"}
- 5,000+ data-driven companies rely on Fluentd. 
- Its largest user currently collects logs from 50,000+ servers.
- [Testimonials](https://www.fluentd.org/testimonials)
::: 

::: {.fragment .column width="50%"}
Member of
[Cloud Native Computing Foundation](https://www.cncf.io/)

![](https://www.fluentd.org/images/cncf.png)
:::
::::



## Use Cases and How To
:::: {.columns}

::: {.fragment .column width="50%"}
**Use cases**

<https://docs.fluentd.org/quickstart#step-2-use-cases>

**Treasure Data**

- Fluentd is an advanced open-source log collector originally developed at Treasure Data, Inc. Fluentd is specifically designed to solve the big-data log collection problem.
- Treasure Data provides Cloud Data Service, which Fluentd users can use to easily store and analyze data on the cloud. Fluentd is designed to flexibly connect with many systems via plugins, but Treasure Data should be your top choice if you don't want to spend engineering resources maintaining your backend infrastructure.
::: 

::: {.fragment .column width="50%"}
**How To Guides**

<https://docs.fluentd.org/how-to-guides>


::: {.callout-warning}
- No real use case with Fluentd-Kafka, maybe is more for fluentbit ?
- Some consultant <https://fluentd.ctc-america.com/blog/fluentd-with-kafka-1>
:::

:::
::::


# Log data is for machines
![](https://www.fluentd.org/images/blog/unified-logging-machine-to-machine.png)
https://www.fluentd.org/blog/unified-logging-layer

# Fluentd internals

## Architecture
![](https://www.fluentd.org/images/architecture/pluggable.png){.r-scratch}

## Life of a fluentd event
<https://docs.fluentd.org/quickstart/life-of-a-fluentd-event>

### Event Structure

:::: {.columns}


::: {.fragment .column width="50%"}
- tag: Specifies the origin where an event comes from. It is used for
message routing.
- time: Specifies the time when an event happens with nanosecond resolution.
- record: Specifies the actual log as a JSON object.
::: 

::: {.fragment .column width="50%"}
![](https://drek4537l1klr.cloudfront.net/wilkins/v-10/Figures/2.1.png)
[Source](https://livebook.manning.com/book/logging-in-action/chapter-2/v-10/14>)

:::
::::



### Configuration File

:::: {.columns}

::: {.fragment .column width="50%"}
The configuration file is the fundamental piece to connect all things together, as it allows to define which Inputs or listeners Fluentd will have and set up common matching rules to route the Event data to a specific Output.
::: 

::: {.fragment .column width="50%"}
```config
<source>
  @type http
  port 8888
  bind 0.0.0.0
</source>

<filter test.cycle>
  @type grep
  <exclude>
    key action
    pattern ^logout$
  </exclude>
</filter>

<match test.cycle>
  @type stdout
</match>
```
:::
::::



### Processing Events
- When a Setup is defined, the Router Engine contains several predefined rules to apply to different input data. 
- Internally, an Event will to pass through a chain of procedures that may alter its lifecycle.

![](https://docs.fluentd.org/~gitbook/image?url=https%3A%2F%2F1982584918-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-legacy-files%2Fo%2Fassets%252F-LR7OsqPORtP86IQxs6E%252F-MVwXvk8kRUuvZ8uRcvR%252F-MVw_k4ndwOYIGej0jll%252FScreen%2520Shot%25202021-03-16%2520at%252012.50.12%2520PM.png%3Falt%3Dmedia%26token%3D1b6e2cce-6670-4be2-b007-44700b42d7dc&width=768&dpr=4&quality=100&sign=c3151ad7&sv=1){.fragment}

## Plugin types{background-color="white" background-image="https://ithemes.com/wp-content/uploads/2017/05/what-is-a-plugin.png" background-size="50%" background-opacity="0.2" background-position="center"}
<https://docs.fluentd.org/input>

:::: {.columns}

::: {.fragment .column width="50%"}
Fluentd has 9 types of plugins:

- [Input](https://docs.fluentd.org/input): retrieve and pull event logs from the external sources
- [Parser](https://docs.fluentd.org/parser): depends on Input type, verify if the event input is syntactly correct. 
- [Filter](https://docs.fluentd.org/filter): allows to filter data, add/delete/mask fields
- [Output](https://docs.fluentd.org/output): sends data to destination
- [Formatter](https://docs.fluentd.org/formatter): For an output plugin that supports Formatter, the <format> directive can be used to change the output format.



::: 

::: {.fragment .column width="50%"}
- [Storage](https://docs.fluentd.org/storage): maintains durable information in the ingestion phase
- [Service Discovery](https://docs.fluentd.org/service_discovery): For output plugins, allows to define rules to select destinations (load balancing,...)
- [Buffer](https://docs.fluentd.org/buffer): Define chunks for output plugins
- [Metrics](https://docs.fluentd.org/metrics): To monitor fluentd
:::
::::


# Demo Netcat
<https://docs.fluentd.org/container-deployment/install-by-docker>

:::: {.columns}

::: {.fragment .column width="50%"}
**Conf** 

```
<source>
  @type http
  port 9880
  bind 0.0.0.0
</source>

# accept all log events regardless of tag and write them to the console
<match **>
    @type stdout
</match>
 ```

::: 

::: {.fragment .column width="50%"}
**Run** 
```bash
docker run --rm --hostname='fluentd' -p 9880:9880` -v\ 
$(pwd)/conf:/fluentd/etc fluentd -c /fluentd/etc/fluentd.conf
```
:::
::::

::: {.fragment}
**Test**
```bash
curl -X POST -d 'json={"json":"Hello World"}' http://127.0.0.1:9880/sample.test
```
:::


# Fluent Bit{background-color="white" background-image="https://fluentbit.io/images/hero.svg" background-size="100%" background-opacity="0.8" background-position="center"}

<https://fluentbit.io/>

## A basic example
<https://docs.fluentbit.io/manual/installation/docker>

```bash
docker run -ti cr.fluentbit.io/fluent/fluent-bit -i cpu -o stdout
```

# Calyptia
<https://calyptia.com/>

:::: {.columns}

::: {.fragment .column width="50%"}
**Log Pipelines Simplified**

From the maintainers of Fluent Bit and Fluentd, Calyptia Core enables you to seamlessly manage your data from source to destination. We enable turnkey log collection, aggregation, transformation, and forwarding from any source to any destination.

::: {.callout-important}
Chronosphere has acquired Calyptia. Chronosphere is the only cloud native observability platform that helps teams quickly resolve incidents before they impact the customer experience and the bottom line. Combined with the power of Calyptia, Chronosphere provides end-to-end control and insights into your observability data.
:::

::: 

::: {.fragment .column width="50%"}
![](https://calyptia.com/_next/image?url=https%3A%2F%2Fwww.datocms-assets.com%2F97087%2F1684794673-banneranimation.gif&w=3840&q=75)
:::
::::

