Humio Product Update: September 2017
Here come Alerts!
Probably our most requested feature is now here. With alerts you can be notified immediately whenever something goes wrong in your system. Alerts currently support being sent with Slack, Email, and generic Web Hook notifiers. Alerts is a premium feature not available on free accounts.
In order to create an alert, you just write a humio query. Whenever that query provides a result, the query triggers. To enable alerts based on a threshold level such as free disk space or memory usage, you simply embed the threshold in the query. Alerts can be throttled, so they will only trigger once every so often; and they can be used to send periodic reports.
Dashboards are Better Now
Dashboards have been improved in a number of ways. Most importantly, they’re faster and consume less CPU in the browser. A dashboard on a hidden browser tab will only update minimally to keep the live queries from timing out on the server.
If it has been a while since you worked with dashboards, you will also notice that we now support a free-form layout of dashboards letting you drag to move and resize widgets.
We also added a nifty pulsing ‘alive’ indicator to dashboards that tells you that the browser’s connection to the server is doing well, and makes sure to reload dashboards upon changes or server upgrades.
On premium and on-premise accounts, users can share a read-only link to dashboards which makes it accessible without a humio login.
Better Search Experience
On the search tab, we’ve improved the way auto-suggest works (it activates on ⎇+space) and it is less in-your-face when you don’t need it. Use arrow keys up/down to access available tags, functions and saved queries.
We also added a feature for use with aggregate queries (such as
timechart) to see the events that make up the aggregation. Clicking the
Events list button takes you to a view that provides the events that come out of the filter part of the query that makes up the shown result.
We’ve also improved the graphing options for time charts with various display modes, log scale graphs, step-line or connected graphs, labels, and more. Click the little gear icon in the corner of the chart to access these options.
New On-Premise Features
For our on-premise customers, there is a long list of new features that might be interesting.
We now support running Humio clustered, providing a solution that lets you scale up both ingest capacity and query speed with the number of nodes. Our own stress tests indicate that ingest capacity is 1TB/day per node, and query performance is 6GB/sec per node. Your milage may vary, we run on stock 4-core i7 nodes with 64GB of RAM. You can read more about how to set it up in the online documentation.
We’ve added raw TCP and UDP based ingest, which makes it easy to integrate directly with e.g. syslog or other custom logging providers. At present this feature is only available for on-premise customers. Use the HTTP API to activate this feature as described here.
Improved LDAP authentication
Finally we have improved the authentication options for integrating with an ldap server, so that you’re not limited to anonymous bind. You still need to manage role assignment in the humio settings tab for each dataspace.