Welcome!

@BigDataExpo Authors: Elizabeth White, Shelly Palmer, Pat Romanski, Karthick Viswanathan, Yeshim Deniz

Related Topics: @BigDataExpo, Java IoT, Microservices Expo, Linux Containers, Agile Computing, @CloudExpo

@BigDataExpo: Article

What Is 'Real-Time' Anyway...?

One of my (least) favorite buzzwords in the logging space is “real-time."

I love a good buzzword...cloud, Big Data, analytics... And even more than the buzzwords, I love the liberties people tend to take applying these buzzwords to their new systems and services. Such buzzwords regularly get abused and often get washed into marketing material and product websites in an attempt to hoodwink and woo new unsuspecting customers. One of my (least) favorite buzzwords, that I've noticed popping up more recently in particular in the logging space is "real-time."

So what does real-time mean anyway? Like with all good computer science questions, it really depends on the context.  John Stankovic, in his seminal 1988 article in IEEE Computer entitled ‘Misconceptions of real-time computing' describes a real time system as follows:

"A real-time system is one in which the correctness of the system depends not only on the logical result of computation, but also on the time at which the results are generated."[1]

An example is, what are referred to as, "hard-real-time systems" [2], where computation must meet stringent timing constraints and one must guarantee that those computations must be completed before specified deadlines. Failure to do so can lead to intolerable system degradation and can in some applications lead to catastrophic loss of life or property.

Many safety-critical systems are hard-real-time systems, and include embedded tactical systems for military applications, flight mission control, traffic control, production control, nuclear plant control etc. and in many cases the real-time properties need to be guaranteed and proven - often using techniques such as formal methods [3] for example.

Near real-time is often defined as not having any hard constraints, but implies that there are no significant delay in processing of the event. In many cases this means within a few milliseconds or seconds of the event - again this really depends on the context. From a system monitoring perspective (of non-safety critical applications) near real-time, i.e. within a few seconds, is usually sufficient when it comes to alerting for example. And by non-safety critical, I mean, your site/app might be down, but it will not lead to loss of life. That being said it could be resulting in serious loss of $$$.

In such scenarios if there is something awry with one of system components you want to be notified about this immediately, so that right away you can go about rectifying the issue. A few minutes is usually unacceptable however, as generally this means that users/customers of your system/service are being effected without you knowing anything about this, resulting in damage to your brand and business top line.

This is what really surprises me when I see so many log management solutions that run their alerting as background jobs or saved searches which run periodically every 5, 10 or 15 mins. In my opinion this doesn't really cut it when it comes to alerting and is NOT real- time/near real-time by any standard. Consider this, if there was an emergency at home do you think it would be acceptable to wait 5, 10 or 15 minutes before you picked up the phone and called the emergency services. A few seconds, yes, a few minutes NO!

A further observation by Stankovic in his 1988 article was that another common misconception in relation to real-time systems is that throwing hardware at the problem can solve this issue - however as Stankovic rightly points out, throwing hardware at the problem is not the answer - it's all about the architecture.

That's why we have built a very different architecture to any other logging provider. In short, most log management solutions work as follows:

  • Data is sent to the log management service
  • It is indexed and written to disk
  • You can make use of their (complex) search language to dig into your data
  • If you want to create notifications you need to set up saved searches (using the complex search language) that you can schedule to run every 5, 10 or 15 mins.

At Logentries we have flipped this approach on its head and have built a unique pre-processing layer as part of our system architecture that allows for real-time processing of your data such that the analysis of your log events is done up front and in near real-time. And, when we say real-time, we mean real-time.

It works as follows:

LIVE_TAIL

  • Data is sent to Logentries
  • It passes through our pre-processing layer which analyzes each event for defined patterns(i.e.keywords,regular expressions,defined search expressions) in real-time
  • Notifications can be generated from our pre-processing layer such that you receive them within seconds of the important events occurring (e.g. exceptions, errors, warnings...)

The end result is that you get notified in seconds as opposed to minutes. In a world where time is money, and where buzzwords are only as useful as the architecture behind them, I vote for REAL real-time alerting - as it is an important requirement in any logging service!

[1] J. Stankovic, Misconceptions of real-time computing', IEEE Computer, 1988

[2] Jia Xu and David Lorge Parnas, ‘On Satisfying Timing Constraints in Hard-Real-Time Systems' IEEE Transactions on Software Engineering, Vol 19, No. 1, Jan 1993

[3] ‘Formal methods for the design of Real Time Systems', Springer, International School on Formal Methods for the Design of Computer, Communication and Software Systems, September 2004

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@BigDataExpo Stories
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...
Internet of @ThingsExpo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devic...
SYS-CON Events announced today that SourceForge has been named “Media Sponsor” of SYS-CON's 21st International Cloud Expo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. SourceForge is the largest, most trusted destination for Open Source Software development, collaboration, discovery and download on the web serving over 32 million viewers, 150 million downloads and over 460,000 active development projects each and every month.
Today traditional IT approaches leverage well-architected compute/networking domains to control what applications can access what data, and how. DevOps includes rapid application development/deployment leveraging concepts like containerization, third-party sourced applications and databases. Such applications need access to production data for its test and iteration cycles. Data Security? That sounds like a roadblock to DevOps vs. protecting the crown jewels to those in IT.
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
What is the best strategy for selecting the right offshore company for your business? In his session at 21st Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, will discuss the things to look for - positive and negative - in evaluating your options. He will also discuss how to maximize productivity with your offshore developers. Before you start your search, clearly understand your business needs and how that impacts software choices.
SYS-CON Events announced today that Cedexis will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Cedexis is the leader in data-driven enterprise global traffic management. Whether optimizing traffic through datacenters, clouds, CDNs, or any combination, Cedexis solutions drive quality and cost-effectiveness.
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...
21st International Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Me...
Real IoT production deployments running at scale are collecting sensor data from hundreds / thousands / millions of devices. The goal is to take business-critical actions on the real-time data and find insights from stored datasets. In his session at @ThingsExpo, John Walicki, Watson IoT Developer Advocate at IBM Cloud, will provide a fast-paced developer journey that follows the IoT sensor data from generation, to edge gateway, to edge analytics, to encryption, to the IBM Bluemix cloud, to Wa...
The “Digital Era” is forcing us to engage with new methods to build, operate and maintain applications. This transformation also implies an evolution to more and more intelligent applications to better engage with the customers, while creating significant market differentiators. In both cases, the cloud has become a key enabler to embrace this digital revolution. So, moving to the cloud is no longer the question; the new questions are HOW and WHEN. To make this equation even more complex, most ...
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em...