Anyone collecting to Graylog from iOS or Android apps? Silly idea?

(Mikemee) #1

Newbie question…

I’d like to add some basic event logging to some mobile apps (e.g. [app_name, version, device, device_os_version], [“Screen”, “Home”], [“SortOrder”, “Descending”]) so that I can answer some basic questions like: “What is most common SortOrder?”. Or, “What version of the app is most popular this week?”, “What OS version?” I don’t need to do fancier things like funnels or track click paths, or build fancy graphs. I’m quite comfortable with regex/sql/similar text querying.

On the device, I’d like to be able to batch up the logs to minimise network activity and in case of lost connectivity.

  1. Is Graylog a good candidate for this overall? (I’ve used tools like Splunk in the past, and can imagine it would be just fine for the scenarios I can imagine).
  2. Are there existing add-ons people are using that use GELF and/or should I look for something that outputs syslog, or java log4-style logs, or ? (A quick search only yielded a few Graylog viewing tools/libs for mobile, not log generation.)

Why? Because the commercial products aimed specifically at mobile are either funded by handing over my users’ data via monolithic often closed-source add-on libraries (Google, Facebook, Flurry), or, they’re aimed at enterprise and appear to actively discourage small usage (MixPanel, Splunk MINT, Kissmetrics) either with pricing or omitting “that one needed feature” (e.g. history > 3 months). All very understandable from their business perspective, but not what I need.

It seems that I could spin up an instance of Graylog on AWS or DigitalOcean or similar and have my apps dump batches of logs directly over https. Peak rates would rarely be more than a few per second (normally more likely <100/hr I estimate).

Thoughts, comments? Many thanks in advance!

(Bill Murrin) #2

I see no one replied to you yet.

Just want to give you my .02 cents. I don’t personally see why Graylog couldn’t support your use case. You could accept a raw text input and then parse/split the line, try to get the GELF input working, or use a JSON type input and have your app send the data in that form.

You could also just have it send the data to a webserver which writes the data to a file and then something like filebeat can read the file on the backend and send it to Graylog using the Beats Input.

Graylog can definitely support the minimal log volume you are suggesting.

(Mikemee) #3

@billmurrin thanks so much for your 2c!

Ok, so it seems the main thing I should look for now is a library for iOS and Android that will accumulate the logs and batch send them in an efficient fashion. Shouldn’t be too hard to find… :crossed_fingers: