Here’s my fun project for a Friday afternoon: send an earthquake RSS feed to Log Insight.
vCenter Log Insight is a powerful log storage and analysis platform, but there is the potential for using this platform for digging into other types information. I’m going to use earthquake data, but any rss feed should work by using cron, syslog and theyoke. And I’m going to do it on a Mac, but this should work on any operating system that has perl, cron and syslog.
Setup
Start by configuring syslog to do remote logging. This process varies depending on your operating system and system logger. I recommend reading ‘man syslog’ on your system to figure out the best way, on my Mac it ware as simply as adding “*.* loginsight-server-address:514” to /etc/syslog.conf. Then I installed theyoke using the instructions, downloading the package and running “perl -MCPAN -e shell” to install all the required modules like the readme says. I found I needed to install Term::Size and Curses::UI as well and then this worked great on OSX. I put theyoke where I could find it later: sudo cp -R theyoke-master /usr/local/lib/theyoke. Ran ‘scripts/theyoke’ once to initialize and then added my rss feed to ~/.theyoke/feeds. For earthquake data I’m using http://www.bgs.ac.uk/feeds/WorldSeismology.xml. Stick this on a timer using ‘crontab -e’:
0 * * * * * /usr/local/lib/theyoke/scripts/theyoke –description | awk ‘// {printf(“%s”,$0);if(length($0)<2) printf(“n”);} ‘ | logger
Digging Into the Numbers
Now that I have the earthquake data in Log Insight, I extract a few fields for earthquake depth, magnitude and location.
Already the preview chart shows that someplace has twice as many earthquakes as the other locations
Next I create a bar chart for largest quakes by location
So now I wonder which part of the earth is having the most earthquakes. I have longitude and latitude in the feed and Log Insight lets me group integer values into “buckets”, so I choose every 180 degrees and come up with a chart for the average quake magnitude for each quadrant of the globe.
Stick these charts on a dashboard
And now I have a great worldwide earthquake-monitoring dashboard and I’m waiting for more data to come in. Log Insight made short work of digging into that raw data feed. What other type of data feeds can Log Insight analyze? Head over to http://loginsight.vmware.com/ and give us your ideas.
