Introducing ODE

ODE stands for Opallios Distribution of ELSA(ODE). For people who are not familiar with ELSA, it stands for Enterprise Log Search and Archive. ELSA is an open-source enterprise ready log management system. It leverages syslog-ng for processing incoming syslog data and Sphinx full-text indexing for log searching. ELSA stands out from other well-known log management system in its high performance and scalability. For more details on ODE refer to its Github site, ODE Github. Below are some sample screenshots of the new charting library.

Sample Query Chart

Sample Dashboard

ELSA to ODE

Martin C Holste, the creator of ELSA, has put together an impressive log management system, as with any open source project the success of the project depends on its adaption. ELSA has all the necessary ingredients to be one of the leading log management solutions, but lacks in some key areas;

  • Installation Process - Though, the installation is pretty straight forward, but is prone to failures in some cases. There is also not much of updates to support newer version of OS.
  • Debugging Tools - ELSA works quite reliably there could be instances when we need to troubleshoot some unseen issues. Improving debugging ability that would reduce TTI (time to investigate) & TTR (time to resolve) would enhance usability of ELSA.
  • Documentation - ELSA has enough documentation that helps a technology expert to configure and get started. However the community would benefit with some documentation like a user guide and use case examples explaining different configurations.
  • Regular Updates - As there are limited number of committers to ELSA, the updates lag sometimes. There are features the community want to see in the future ELSA, with Martin’s approval, Opallios can help bring to the market newer features and updates to ODE.
  • Data Sources - ELSA uses syslog-ng for to process input data. syslog-ng allows you to write parsers for varying number of data formats, but there is limited support for various log formats out-of-box.
  • Analytical Functions - ELSA’s strong data correlation along with dynamic full-text search bodes for impressive analytics, but there is a room for adding more analytical functions that would bring it on par with other leading data analytics engines.

    • As a result to provide a committed roadmap and delivery schedule for these changes, Opallios has decided to fork a branch and initiate ODE (Opallios Distribution of ELSA). ODE will continue to be in sync with ELSA branch for any updates.

    Why ODE?

    There are many reasons why you may choose ODE over other log management tools. ODE is on par in terms of features, scalability and performance at a fraction of cost compared to other more expensive comparable solutions.

    Features

    ODE gives a real time synopsis of what is happening on a computer or network. It is an easy-to-utilize tool that is economical, functional and allows users to analyze the network through alerts and reports, both in near-real time and scheduled.
    Supports over 80 log formats out-of-box
    Search across the cluster using distributed Search
    Correlate data from multiple sources and apply analytical functions
    Slice, dice, and search logs to spot trends and troubleshoot issues
    Custom dashboards, schedule reports, set alerts

    Performance

    A single instance of ODE can process more data than 3-4 instances put together of comparable solutions. ODE’s search and analytical engine can find insights in terabytes of data within seconds.
    Fast search and analytics
    Smart Data Compression
    Ingest data at high speeds
    Seamless cluster management
    High reliability

    Total Cost of Ownership

    The total cost of ownership (TCO) of ODE is fairly low compared to other well-known log management systems. Deploying ODE in your data center can reduce your TCO for log management system by 60-80%.
    Free download
    Multi-layer Support
    Low learning curve
    Minimal Hardware requirements
    Low or maintenance cost

    Scalability

    All ODE instances run independent of each other. There is no sharding of data at index time, but nodes can be easily configured to run as peers for distributed search. ODE is not hardware intensive, a single ODE instance on commodity hardware can perform optimally for over 10TB of data.
    Easy Setup
    High Availability
    Load Balancing
    Data Compression and Archiving
    Not hardware intensive

    OS supported

    The goal behind ODE 0.1 release is to make the ELSA installation reliable and consistent with the primary focus on “the out of the box experience”. As part of ODE 0.1, Opallios provides support for both debian and rpm packages. ODE 0.1 uses the latest ELSA codebase from github. Distributing ODE via standard packages will allow us to have a better control over the flow of installation and support the basic install, remove and update software features. Following OSs have been tested and verified with the ODE 0.1 packages,

  • Debian package - Ubuntu 12.04, Ubuntu 14.04
  • RPM package - Red Hat 6.6, Centos 6.5

    • Opallios also provides AWS images for the above mentioned linux distributions for easier installs and quick ODE evaluation.

    Use Cases

    Security and Compliance

    To battle against modern day security attacks, every byte must be thoroughly analyzed to avoid any inconsistencies or breaches in IT security. ODE helps you to recognize such scenarios faster and quicker than ever before.

    Application Analysis

    Data can be analyzed from different perspectives to gain valuable insights regarding an application or an application stack

    DevOps

    DevOps teams looking to deliver quality products can use ODE’s easy scalable solution to monitor all the key indicators and metrics.

    Consolidated Log Data

    ODE consolidates all your log data in multiple formats at a secure location, allowing you to query and find answers in milliseconds.

    Operations and IT Infrastructure

    With ODE you can collect, store, and analyze data across your entire infrastructure, making it easier to isolate and fix performance and availability issues.

    Troubleshooting and Diagnostics

    With lightning quick response times for searching, monitoring and visualizing the log data, you can be really quick in recognizing root cause of different problems.

    Roadmap

    At Opallios, our goal is to increase ELSA's adaptability by filling in the gaps in its implementation that exist today. In the next few months we will continue to develop on the items we listed earlier in this page. We hope users will find ELSA much more appealing as we continue to check-off items from our to-do list. The roadmap of ODE will also very much depend on our users’ feedback and their wishlist. You can submit your feature request by clicking here
    Feature Request

    Feature Request

    • Or you could upload a file below
    • Drop files here or

    The highlights of initial ODE releases can be seen below:

    • July 2015 ODE 0.1

      Installation Process: A very simple and minimalistic process for installation of ODE. You will have the option of installing through a package or by downloading the image.

      Documentation: Detailed documentation and support with regular updates.

    • Oct 2015 ODE 0.3

      Fluentd: With the introduction of Fluentd ODE will support hundreds of data sources out out of the box.

      New and better UI: Implemented chart.js replacing the default google charts to improve the User Interaction, look and feel of the Web Interface.

      Analytical Functions: Introduction of more aggregate functions to make the most out of ODE's data correlation and full-text search.

    • Dec 2015 ODE 0.5


      Speed up the installation process and support multiple OS

      More Analytical functions

      Detailed documentation with relevant use cases

      Tighter integration with Fluentd
      Bug Fixes
    betheme70wplk