Skip to main content

Sumo Logic App for Cassandra

Thumbnail icon

The Cassandra app is a unified logs and metrics app that helps you monitor the availability, performance, health, and resource utilization of your Cassandra clusters. Preconfigured dashboards provide insight into cluster health, resource utilization, cache/Gossip/Memtable statistics, compaction, garbage collection, thread pools, and write paths.

Log Types

The app supports Logs and Metrics from the open-source version of Cassandra. The App is tested on the 3.11.10 version of Cassandra.

Cassandra has three main logs, system.log, debug.log, and gc.log which hold general logging messages, debugging logging messages, and java garbage collection logs respectively.

These logs by default live in ${CASSANDRA_HOME}/logs, but most Linux distributions relocate logs to /var/log/cassandra. Operators can tune this location as well as what levels are logged using the provided logback.xml file. For more details on Cassandra logs, see this link.

The Sumo Logic App for Cassandra supports metrics generated by the Jolokia2 plugin for Telegraf. The app assumes prometheus format Metrics.

Collecting Logs and Metrics for Cassandra

This section provides instructions for configuring log and metric collection for the Sumo Logic App for Cassandra.

Step 1: Configure Fields in Sumo Logic

Create the following Fields in Sumo Logic prior to configuring collection. This ensures that your logs and metrics are tagged with relevant metadata, which is required by the app dashboards. For information on setting up fields, see Sumo Logic Fields.

If you're using Cassandra in a Kubernetes environment, create the fields:

  • pod_labels_component
  • pod_labels_environment
  • pod_labels_db_system
  • pod_labels_db_cluster
  • pod_labels_db_cluster_address
  • pod_labels_db_cluster_port

Step 2: Configure Collection for Cassandra

In Kubernetes environments, we use the Telegraf Operator, which is packaged with our Kubernetes collection. You can learn more about it here.

The diagram below illustrates how data is collected from Cassandra in a Kubernetes environment. In the architecture shown below, make up the metric collection pipeline: Telegraf, Prometheus, Fluentd and FluentBit.
cassandra

The first service in the pipeline is Telegraf. Telegraf collects metrics from Cassandra. Note that we’re running Telegraf in each pod we want to collect metrics from as a sidecar deployment for example, Telegraf runs in the same pod as the containers it monitors. Telegraf uses the Jolokia2 input plugin to obtain metrics. For simplicity, the diagram doesn’t show the input plugins.

The injection of the Telegraf sidecar container is done by the Telegraf Operator. We also have Fluentbit that collects logs written to standard out and forwards them to FluentD, which in turn sends all the logs and metrics data to a Sumo Logic HTTP Source.

Prerequisites

It’s assumed that you're using the latest helm chart version. If not, upgrade using the instructions here.

Configure Metrics Collection

Follow the steps listed below to collect Cassandra metrics from a Kubernetes environment.

  1. Set up your Kubernetes Collection with the Telegraf Operator.
  2. On your Cassandra Pods, add the following annotations:
annotations:
 telegraf.influxdata.com/class: sumologic-prometheus
 prometheus.io/scrape: "true"
 prometheus.io/port: "9273"
 telegraf.influxdata.com/inputs: |+
[[inputs.jolokia2_agent]]
 urls = ["http://localhost:8778/jolokia"]
 name_prefix = "cassandra_java_"
[inputs.jolokia2_agent.tags]
 environment="prod"
 component="database"
 db_system="cassandra"
 db_cluster="cassandra_on_premise"
 dc = "IDC1"
 [[inputs.jolokia2_agent.metric]]
   name  = "Memory"
   mbean = "java.lang:type=Memory"
 [[inputs.jolokia2_agent.metric]]
   name  = "GarbageCollector"
   mbean = "java.lang:name=*,type=GarbageCollector"
   tag_keys = ["name"]
   field_prefix = "$1_"
[[inputs.jolokia2_agent.metric]]
  name=”OperatingSystem”
  mbean=”java.lang:type=OperatingSystem”
  paths = [“FreePhysicalMemorySize", "AvailableProcessors", "SystemCpuLoad", "TotalPhysicalMemorySize", "TotalSwapSpaceSize", "SystemLoadAverage"]
[[inputs.jolokia2_agent]]
 urls = ["http://localhost:8778/jolokia"]
 name_prefix = "cassandra_"
[inputs.jolokia2_agent.tags]
 environment="ENV_TO_BE_CHANGED"
 component="database"
 db_system="cassandra"
 db_cluster="cassandra_on_premise"
 db_cluster_address = “ENV_TO_BE_CHANGED”
 db_cluster_port = “ENV_TO_BE_CHANGED”
 dc = "IDC1"
 [[inputs.jolokia2_agent.metric]]
   name  = "TableMetrics"
   mbean = "org.apache.cassandra.metrics:name=*,scope=*,keyspace=*,type=Table"
   tag_keys = ["name", "scope","keyspace"]
   field_prefix = "$1_"
 [[inputs.jolokia2_agent.metric]]
   name = "DroppedMessageMetrics"
   mbean = "org.apache.cassandra.metrics:name=*,scope=*,type=DroppedMessage"
   tag_keys = ["name", "scope"]
   field_prefix = "$1_"
 [[inputs.jolokia2_agent.metric]]
   name = "ClientMetrics"
   mbean = "org.apache.cassandra.metrics:type=Client,name=*"
   tag_keys = ["name"]
   field_prefix = "$1_"
 [[inputs.jolokia2_agent.metric]]
   name = "ThreadPoolMetrics"
   mbean = "org.apache.cassandra.metrics:type=ThreadPools,path=*,scope=*,name=*"
   tag_keys = ["name", "scope", "path"]
   field_prefix = "$1_"
 [[inputs.jolokia2_agent.metric]]
   name = "CacheMetrics"
   mbean = "org.apache.cassandra.metrics:type=Cache,scope=*,name=*"
   tag_keys = ["name", "scope"]
   field_prefix = "$1_"
 [[inputs.jolokia2_agent.metric]]
   name = "CommitLogMetrics"
   mbean = "org.apache.cassandra.metrics:type=CommitLog,name=*"
   tag_keys = ["name"] field_prefix = "$1_"

Enter in values for the following parameters (marked ENV_TO_BE_CHANGED above):

  • telegraf.influxdata.com/inputs - This contains the required configuration for the Telegraf Cassandra Input plugin. Please refer to this doc for more information on configuring the Cassandra input plugin for Telegraf. As Telegraf will be run as a sidecar, the host should always be localhost.
    • In the input plugins section ([[inputs.jolokia2_agent]]):
      • urls - The URL to the Cassandra server. This can be a comma-separated list to connect to multiple Cassandra servers. Please see this doc for more information on additional parameters for configuring the Cassandra input plugin for Telegraf.
    • In the tags section ([[inputs.jolokia2_agent]]):
      • environment - This is the deployment environment where the Cassandra cluster identified by the value of servers resides. For example: dev, prod or qa. While this value is optional we highly recommend setting it.
      • db_cluster - Enter a name to identify this Cassandra cluster. This cluster name will be shown in the Sumo Logic dashboards.
      • db_cluster_address - Enter the cluster hostname or ip address that is used by the application to connect to the database. It could also be the load balancer or proxy endpoint.
      • db_cluster_port - Enter the database port. If not provided, a default port will be used

Here’s an explanation for additional values set by this configuration that we request you do not modify, as they will cause the Sumo Logic apps to not function correctly.

  • telegraf.influxdata.com/class: sumologic-prometheus - This instructs the Telegraf operator what output to use. This should not be changed.
  • prometheus.io/scrap: "true" - This ensures our Prometheus will scrape the metrics.
  • prometheus.io/port: "9273" - This tells prometheus what ports to scrape on. This should not be changed.
  • telegraf.influxdata.com/inputs
    • In the tags section ([inputs.jolokia2_agent.tags]):
      • component: “database” - This value is used by Sumo Logic apps to identify application components.
      • db_system: “cassandra” - This value identifies the database system.
note

db_cluster_address and db_cluster_port should reflect exact configuration of DB client configuration in your application, especially if you instrument it with OT tracing. The values of these fields should match exactly the connection string used by the database client (reported as values for net.peer.name and net.peer.port metadata fields).

For example if your application uses “cassandra-prod.sumologic.com:3306” as the connection string, the field values should be set as follows: db_cluster_address=cassandra-prod.sumologic.com db_cluster_port=3306.

If your application connects directly to a given Cassandra node, rather than the whole cluster, use the application connection string to override the value of the “host” field in the Telegraf configuration: host=cassandra-prod.sumologic.com.

Pivoting to Tracing data from Entity Inspector is possible only for “Cassandra address” Entities.

See this doc for more parameters that can be configured in the Telegraf agent globally. 3. Sumo Logic Kubernetes collection will automatically start collecting metrics from the pods having the labels and annotations defined in the previous step. 4. Verify metrics in Sumo Logic.

Configure Logs Collection

This section explains the steps to collect Cassandra logs from a Kubernetes environment.

  1. Add labels on your Cassandra pods to capture logs from standard output on Kubernetes.

    1. Apply following labels to the Cassandra pods:
      environment: "<Ex prod, stag>"
      component: "database"
      db_system: "cassandra"
      db_cluster: "<Your_Cassandra_Cluster_Name>"--Enter Default if you do not have one.
      db_cluster_address: <your cluster’s hostname or ip address or service endpoint>
      db_cluster_port: <database port>
      Please enter values for the following parameters:

    • environment - This is the deployment environment where the Cassandra cluster identified by the value of servers resides. For example: dev, prod or qa. While this value is optional we highly recommend setting it.

    • db_cluster- Enter a name to identify the Cassandra cluster. The cluster name will be shown in the Sumo Logic dashboards.

      Do not modify the following values as it will cause the Sumo Logic apps to not function correctly.

    • component: “database” - This value is used by Sumo Logic apps to identify application components.

    • db_system: “Cassandra” - This value identifies the database system.

    • db_cluster_address - Enter the cluster hostname or ip address that is used by the application to connect to the database. It could also be the load balancer or proxy endpoint.

    • db_cluster_port - Enter the database port. If not provided, a default port will be used

note

db_cluster_address and db_cluster_port should reflect exact configuration of DB client configuration in your application, especially if you instrument it with OT tracing. The values of these fields should match exactly the connection string used by the database client (reported as values for net.peer.name and net.peer.port metadata fields).

For example if your application uses “cassandra-prod.sumologic.com:3306” as the connection string, the field values should be set as follows: db_cluster_address=cassandra-prod.sumologic.com db_cluster_port=3306

If your application connects directly to a given Cassandra node, rather than the whole cluster, use the application connection string to override the value of the “host” field in the Telegraf configuration: host=cassandra-prod.sumologic.com

Pivoting to Tracing data from Entity Inspector is possible only for “Cassandra address” Entities.

For all other parameters, see this doc for more parameters that can be configured in the Telegraf agent globally.

  1. (Optional) Collecting Cassandra Logs from a Log File on Kubernetes.

    1. Determine the location of the Cassandra log file on Kubernetes. This can be determined from the Cassandra logback.xml for your Cassandra cluster along with the mounts on the Cassandra pods.
    2. Install the Sumo Logic tailing sidecar operator.
    3. Add the following annotation in addition to the existing annotations.
      annotations:
        tailing-sidecar: sidecarconfig;<mount>:<path_of_Cassandra_log_file>/  <Cassandra_log_file_name>
      Example:
      annotations:
        tailing-sidecar: sidecarconfig;data:/opt/bitnami/cassandra/logs/cassandra.log
    4. Make sure that the Cassandra pods are running and annotations are applied by using the command:
      kubectl describe pod <Cassandra_pod_name>
    5. Sumo Logic Kubernetes collection will automatically start collecting logs from the pods having the annotations defined above.
    6. Verify logs in Sumo Logic.

  2. Add an FER to normalize the fields in Kubernetes environments. Labels created in Kubernetes environments automatically are prefixed with pod_labels. To normalize these for our app to work, we need to create a Field Extraction Rule if not already created for Proxy Application Components. This step is not needed if one is using application components solution terraform script. To do so:

    1. Go to Manage Data > Logs > Field Extraction Rules.
    2. Click the + Add button on the top right of the table.
    3. The Add Field Extraction Rule form will appear:

  3. Enter the following options:

    • Rule Name. Enter the name as App Observability - Database.
    • Applied At. Choose Ingest Time
    • Scope. Select Specific Data
    • Scope: Enter the following keyword search expression: 
      pod_labels_environment=* pod_labels_component=database pod_labels_db_system=* pod_labels_db_cluster=*
    • Parse Expression. Enter the following parse expression:
    if (!isEmpty(pod_labels_environment), pod_labels_environment, "") as environment
    | pod_labels_component as component
    | pod_labels_db_system as db_system
    | if (!isEmpty(pod_labels_db_cluster), pod_labels_db_cluster, null) as db_cluster

  4. Click Save to create the rule.

Installing Cassandra Monitors

To install these monitors, you must have the Manage Monitors role capability. You can install monitors by importing a JSON file or using a Terraform script.

Sumo Logic has provided pre-packaged alerts available through Sumo Logic monitors to help you proactively determine if a Cassandra cluster is available and performing as expected. These monitors are based on metric and log data and include pre-set thresholds that reflect industry best practices and recommendations. For more information about individual alerts, see Cassandra Alerts.

There are limits to how many alerts can be enabled. For more information, see Monitors for details.

Method A: Importing a JSON file

  1. Download the JSON file that describes the monitors.

  2. The JSON contains the alerts that are based on Sumo Logic searches that do not have any scope filters and therefore will be applicable to all Cassandra clusters, the data for which has been collected via the instructions in the previous sections.

    However, if you would like to restrict these alerts to specific clusters or environments, update the JSON file by replacing the text db_cluster=* with <Your Custom Filter>. Custom filter examples:

    • For alerts applicable only to a specific cluster, your custom filter would be: db_cluster=dev-cassandra-01.
    • For alerts applicable to all clusters that start with cassandra-prod, your custom filter would be: db_cluster=cassandra-prod*.
    • For alerts applicable to specific clusters, within a production environment, your custom filter would be:db_cluster=dev-cassandra-01 AND environment=prod. This assumes you have set the optional environment tag while configuring collection.

  3. Go to Manage Data > Alerts > Monitors.

  4. Click Add.

  5. Click Import.

  6. On the Import Content popup, enter Cassandra in the Name field, paste the JSON into the popup, and click Import.

  7. The monitors are created in a "Cassandra" folder. The monitors are disabled by default. See the Monitors topic for information about enabling monitors and configuring notifications or connections.

Method B: Using a Terraform script

  1. Generate an access key and access ID for a user that has the Manage Monitors role capability. For instructions, see Access Keys.
  2. Download Terraform 0.13 or later and install it.
  3. Download the Sumo Logic Terraform package for Cassandra monitors. The alerts package is available in the Sumo Logic github repository. You can either download it using the git clone command or as a zip file.
  4. Alert Configuration. After extracting the package, navigate to the terraform-sumologic-sumo-logic-monitor/monitor_packages/Cassandra/ directory.
  5. Edit the Cassandra.auto.tfvars file and add the Sumo Logic Access Key and Access ID from Step 1 and your Sumo Logic deployment. If you're not sure of your deployment, see Sumo Logic Endpoints and Firewall Security.
access_id   = "<SUMOLOGIC ACCESS ID>"
access_key  = "<SUMOLOGIC ACCESS KEY>"
environment = "<SUMOLOGIC DEPLOYMENT>"
  1. The Terraform script installs the alerts without any scope filters, if you would like to restrict the alerts to specific clusters or environments, update the cassandra_data_source variable. For example:
    • To configure alerts for a specific cluster, set cassandra_data_source to something like db_cluster=cassandra.prod.01
    • To configure alerts for all clusters in an environment, set cassandra_data_source to something like environment=prod
    • To configure alerts for multiple clusters using a wildcard, set cassandra_data_source to something like db_cluster=cassandra-prod*
    • To configure alerts for...A specific clusters within a specific environment, set cassandra_data_source to something like db_cluster=cassandra-1 and environment=prod. This assumes you have configured and applied Fields as described Configure Fields in Sumo Logic step.

All monitors are disabled by default on installation. To enable all of the monitors, set the monitors_disabled parameter to false. By default, the monitors will be located in a "Cassandra" folder on the Monitors page. To change the name of the folder, update the monitor folder name in the folder variable in the Cassandra.auto.tfvars file.

  1. If you want your alerts to send email or connection notifications, edit the Cassandra_notifications.auto.tfvars file to populate the connection_notifications and email_notifications sections. Examples are provided below.

    In the variable definition below, replace <CONNECTION_ID> with the connection ID of the Webhook connection. You can obtain the Webhook connection ID by calling the Monitors API.

Pagerduty connection example
connection_notifications = [
    {
      connection_type       = "PagerDuty",
      connection_id         = "<CONNECTION_ID>",
      payload_override      = "{\"service_key\": \"your_pagerduty_api_integration_key\",\"event_type\": \"trigger\",\"description\": \"Alert: Triggered {{TriggerType}} for Monitor {{Name}}\",\"client\": \"Sumo Logic\",\"client_url\": \"{{QueryUrl}}\"}",
      run_for_trigger_types = ["Critical", "ResolvedCritical"]
    },
    {
      connection_type       = "Webhook",
      connection_id         = "<CONNECTION_ID>",
      payload_override      = "",
      run_for_trigger_types = ["Critical", "ResolvedCritical"]
    }
  ]

For information about overriding the payload for different connection types, see Set Up Webhook Connections.

Email notifications example
email_notifications = [
    {
      connection_type       = "Email",
      recipients            = ["abc@example.com"],
      subject               = "Monitor Alert: {{TriggerType}} on {{Name}}",
      time_zone             = "PST",
      message_body          = "Triggered {{TriggerType}} Alert on {{Name}}: {{QueryURL}}",
      run_for_trigger_types = ["Critical", "ResolvedCritical"]
    }
  ]
  1. To install the Monitors, navigate to the terraform-sumologic-sumo-logic-monitor/monitor_packages/Cassandra/ directory and run terraform init. This will initialize Terraform and download the required components.
  2. Run terraform plan to view the monitors that Terraform will create or modify.
  3. Run terraform apply.

Installing the Cassandra App

This section demonstrates how to install the Cassandra App.

Locate and install the app you need from the App Catalog. If you want to see a preview of the dashboards included with the app before installing, click Preview Dashboards.

  1. From the App Catalog, search for and select the app.
  2. Select the version of the service you're using and click Add to Library. Version selection applies only to a few apps currently. For more information, see the Install the Apps from the Library.
  3. To install the app, complete the following fields.
    1. App Name. You can retain the existing name, or enter a name of your choice for the app.

    2. Data Source. Choose Enter a Custom Data Filter, and enter a custom SQL Server cluster filter. Examples:
    • For all Cassandra clusters: db_cluster=*
    • For a specific cluster: db_cluster=cassandra.dev.01
    • Clusters within a specific environment: db_cluster=cassandra.dev.01 and environment=prod. This assumes you have set the optional environment tag while configuring collection.
    1. Advanced. Select the Location in the Library (the default is the Personal folder in the library), or click New Folder to add a new folder.
  4. Click Add to Library.

Once an app is installed, it will appear in your Personal folder, or another folder that you specified. From here, you can share it with your organization.

Panels will start to fill automatically. It's important to note that each panel slowly fills with data matching the time range query and received since the panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps.

Viewing Cassandra Dashboards

Overview

The Cassandra - Overview dashboard provides an at-a-glance view of Cassandra backend and frontend HTTP error codes percentage, visitor location, URLs, and clients causing errors.

Use this dashboard to:

  • Identify Frontend and Backend Sessions percentage usage to understand active sessions. This can help you increase the session limit.
  • Gain insights into originated traffic location by region. This can help you allocate computer resources to different regions according to their needs.
  • Gain insights into the client, server responses on the server. This helps you identify errors in the server.
  • Gain insights into network traffic for the frontend and backend systems of your server.
Cassandra dashboards

Cache Stats

The Cassandra - Cache Stats dashboard provides insight into the database cache status, schedule, and items.

Use this dashboard to:

  • Monitor Cache performance.
  • Identify Cache usage statistics.
Cassandra dashboards

Errors and Warnings

The Cassandra - Errors and Warnings dashboard provides details of the database errors and warnings.

Use this dashboard to:

  • Review errors and warnings generated by the server.
  • Review the Threads errors and warning events.
Cassandra dashboards

Gossip

The Cassandra - Gossip dashboard provides details about communication between various cassandra nodes.

Use this dashboard to:

  • Determine nodes with errors resulting in failures.
  • Review the node activity and pending tasks.
Cassandra dashboards

Memtable

The Cassandra - Memtable dashboard provides insights into memtable statistics.

Use this dashboard to:

  • Review flush activity and memtable status.
Cassandra dashboards

Resource Usage

The Cassandra - Resource Usage dashboard provides details of resource utilization across Cassandra clusters.

Use this dashboard to:

  • Identify resource utilization. This can help you to determine whether are resources over- or under-allocated.
Cassandra dashboards

Compactions

The Cassandra - Compactions dashboard provides details of compactions.

Use this dashboard to:

  • Review pending/completed compactions and flushes.
Cassandra dashboards

Garbage Collection

The Cassandra - Garbage Collection dashboard shows key Garbage Collector statistics like the duration of the last GC run, objects collected, threads used, and memory cleared in the last GC run.

Use this dashboard to:

  • Understand the garbage collection time. If the time keeps on increasing, you may have more CPU usage.
  • Understand the amount of memory cleared by garbage collectors across memory pools and its impact on the Heap memory.
Cassandra dashboards

Read Path

The Cassandra - Read Path dashboard shows read operation statistics.

Use this dashboard to:

  • Gather insights into read operations, cache statistics, Tombstone, and SSTTables summary.
  • Review thread pool and memtable usage for read operations.
Cassandra dashboards

Resource Usage Logs

The Cassandra - Resource Usage Logs dashboard provides details of resource utilization across Cassandra clusters.

Use this dashboard to:

  • Identify resource utilization. This can help you to determine resources over or under allocation.
Cassandra dashboards

Thread Pool

The Cassandra - Thread Pool dashboard shows thread pool statistics.

Use this dashboard to:

  • Review thread pool usage and statistics for different kinds of operations.
Cassandra dashboards

Write Path

The Cassandra - Write Path dashboard shows write operation statistics.

Use this dashboard to:

  • Gather insights into write operations, cache statistics, Tombstone, and SSTTables summary.
  • Review thread pool and memtable usage for write operations.
Cassandra dashboards

Cassandra Alerts

Sumo Logic has provided out-of-the-box alerts available via Sumo Logic monitors to help you quickly determine if the Cassandra cluster is available and performing as expected.

Alert NameAlert DescriptionAlert ConditionRecover Condition
Cassandra - Increase in Authentication FailuresThis alert fires when there is an increase of Cassandra authentication failures.>5<= 5
Cassandra - Cache Hit Rate below 85 PercentThis alert fires when the cache key hit rate is below 85%.<85>= 85
Cassandra - High Commitlog Pending TasksThis alert fires when there are more than 15 Commitlog tasks that are pending.>15<= 15
Cassandra - High Number of Compaction Executor Blocked TasksThis alert fires when there are more than 15 compaction executor tasks blocked for more than 5 minutes.>15<= 15
Cassandra - Compaction Task PendingThis alert fires when there are many Cassandra compaction tasks that are pending. You might need to increase I/O capacity by adding nodes to the cluster.>100<= 100
Cassandra - High Number of Flush Writer Blocked TasksThis alert fires when there is a high number of flush writer tasks which are blocked.>15<= 15
Cassandra - Many Compaction Tasks Are PendingMany Cassandra compaction tasks are pending>100<= 100
Cassandra - Node DownThis alert fires when one or more Cassandra nodes are down>0<= 0
Cassandra - Blocked Repair TasksThis alert fires when the repair tasks are blocked>2<= 2
Cassandra - Repair Tasks PendingThis alert fires when repair tasks are pending.>2<= 2
Cassandra - High Tombstone ScanningThis alert fires when tombstone scanning is very high (>1000 99th Percentile) in queries.>1000<= 1000
Sumo Logic YouTubeSumo Logic Twitter
Legal
Privacy Statement
Terms of Use

Copyright © 2022 by Sumo Logic, Inc.