resource_bg
BUSINESS ENQUIRY

Introducing ODE

Today, we are announcing the general availability of ODE 0.1. This is the first release of ODE, the Opallios Distribution of ELSA. For people who are not familiar with ELSA, it stands for Enterprise Log Search and Archive. ELSA is an open-source enterprise ready log management system. It leverages syslog-ng for processing incoming syslog data and Sphinx full-text indexing for log searching. ELSA stands out from other well-known log management system in its high performance and scalability. For more details on ELSA refer to its Github site, https://github.com/mcholste/elsa.

Why ODE?

The first version of ELSA was released back in 2010 and since, has gone through various updates and releases. Over time it has gained a loyal user group with active community. We at Opallios first came across ELSA for one of our customer’s project where we needed a high performing syslog data indexer. There was a rigid requirement on scalability and hardware usage. We needed a system that could ingest syslog data at the rate of 10Mb/sec on a single machine and persist data for over 6 months. Of all the open source log management systems we evaluated ELSA came out ahead, both in terms of performance and scalability. After some rigorous testing and use ELSA impressed us a lot, but at the same time we saw some opportunity for improvement and thus, originated the idea of ODE. Till now, we have noticed from our customer requests that there are some minor changes that if included in the open-source edition, would benefit both – our customers and the community. As a result to provide a committed roadmap and delivery schedule for these changes, we decide to fork a branch and initiate ODE (Opallios Distribution of ELSA).

Martin C Holste, the creator of ELSA, has put together an impressive log management system, but, as with any open source project the success of the project depends on its adaption. We thought ELSA had all the necessary ingredients to be one of the leading log management solution, but lacked in some key areas,

  1. Installation Process – Though, the installation is pretty straight forward, but is prone to failures in some cases. There is also not much of updates to support newer version of OS.
  2. Data Sources – ELSA uses syslog-ng for to process input data. syslog-ng allows you to write parsers for varying number of data formats, but there is limited support for various log formats out-of-box.
  3. Analytical Functions – ELSA’s strong data correlation along with dynamic full-text search bodes for impressive analytics, but there is a room for adding more analytical functions that would bring it on par with other leading data analytics engines.
  4. Debugging Tools – ELSA works quite reliably there could be instances when we need to troubleshoot some unseen issues. Improving debugging ability that would reduce TTI (time to investigate) & TTR (time to resolve) would enhance usability of ELSA.
  5. Documentation – ELSA has just enough documentation that helps a technology expert to configure and get started. However the community would benefit with some documentation like a user guide and use case examples explaining different configurations.
  6. Regular Updates – As there are limited number of committers to ELSA, the updates lag sometimes. There are features the community want to see in the future ELSA, with Martin’s approval that we can help bring to the market faster either in main ELSA branch or in ODE.

After discussion with Martin we agreed to fork out ELSA into ODE to address some of these items. ODE will continue to be in sync with ELSA branch for any updates.

ODE 0.1

The goal behind ODE 0.1 release is to make the ELSA installation reliable and consistent with the primary focus on “the out of the box experience”.  As part of ODE 0.1 we provide support for both debian and rpm packages. ODE 0.1 uses the latest ELSA codebase from github. Distributing ODE via standard packages has allowed us to have a better control over the flow of installation and support the basic install, remove and update software features. There are some other slight changes to make the software more reliable, like using Starman in place of Apache http server. Following OSs have been tested and verified with the ODE 0.1 packages,

  1. Debian package – Ubuntu 12.04, Ubuntu 14.04
  2. RPM package – Red Hat 6.6, Centos 6.5

We will also provide AWS images for the above mentioned linux distributions for easier installs and quick ODE evaluation. The ODE 0.1 packages and images are available for download at ODE github site, https://github.com/opallios/ode.

Roadmap

We are a big supporter of ELSA and are committed to assist Martin in taking it to the next level. Our goal is to increase its adaptability by filling in the gaps in its implementation that exist today. In the next few months we will continue to develop on the items we listed earlier in this blog. We hope users will find ELSA much more appealing as we continue to check-off items from our to-do list. The roadmap of ODE will also very much depend on our users’ feedback and their wish-list.

 Summary

ELSA is a very well thought out and implemented log management system, but has limited popularity due to inconsistent installation process, limited support for various log formats, and minimal documentation/support. Opallios would like to see better adoption of ELSA and is ready to invest its resources to drive higher adoption, as it ELSA provides a real low total cost of ownership option in log management space.  The first step in that direction is to improve ELSA installation process, which we are doing with the release of ODE 0.1. Over next few months Opallios will continue to update ODE adding new features and contributing to ELSA’s growth.

Subscribe to the newsletter

Want to stay on top of the latest information from Opallios?

Sign up for our newsletter, and we’ll let you know about our latest news, updates on our products and services, and helpful tips and articles to learn more about Big Data, Cloud, PaaS platforms like Salesforce.com, and other relevant topics.