faq-icon

General

Top 5 reasons why jKool

jKool is a great alternative to Splunk or Elastic Search and goes beyond log analytics.

Here is why:

  • Easy, simple to use, cost effective
    • No hardware, software, databases required
    • Simple web interface from any place, anytime
  • Unified model: metrics, logs, transactions
    • We automatically discover, stitch transactions — not just logs, metrics
  • Combined real-time & historical analytics
    • 2 click analytics, root-cause analysis
  • Open Source Collectors
    • log4j, slf4j, logback, jmx, end-user, browser, APM and more
  • Runs on Apache open source stack

Does jKool scale to handle large, concurrent transaction & message rates?

Yes. Our service is built on a Big Data architecture including a NoSQL database with a full-text search engine that can scale transparently to handle the greatest of loads.

Does jKool provide automated analysis?

Yes. We provide a compute grid that delivers automatic computation of “normal” making it easy to differentiate current behavior from what is normal for you.

What is a datapoint, and how is it measured?

A datapoint is a metric, an event or name/value pair sent to jKool.

A datapoint is computed as follows: total dps = #events + #transactions + #metrics (name=value pairs).
if you stream syslog, log4j #dps = #events + #(name=value pairs extracted from log messages).

What is time-series data?

Time Series Data: (from Wikipedia):

A time series is a sequence of data points, measured typically at successive points in time spaced at uniform time intervals.

Examples of time series are the daily closing value of the Dow Jones Industrial Average and the annual flow volume of the Nile River at Grand Ethiopian Renaissance Dam.

Quantities that represent or trace the values taken by a variable over a period such as a month, quarter, or year. Time series data occurs wherever the same measurements are recorded on a regular basis. (from BusinessDictionary.com)

jKool Analyzes Time-Series Data


How is BI different than Big Data Streaming Analytics?

Normally, BI is not real-time. Also, BI works best when you know what questions you are going to ask in advance. Unlike BI, Streaming Analytics can answer new questions with having to create a new schema.

How long is my trial?

Default subscription is free 5 day data retention. There is no trial or expiration date on free accounts. Data will simply begin to expire 5 days after it gets to jKool.

Dashboard

How is the jKool Dashboard used?

We built a Web dashboard in HTML 5 optimized for both tablet and computer.  It is intuitive to use, easy to configure and customizable to your needs. The dashboard is composed of multiple Viewlets – reusable, configurable widgets that present data for further analysis.  Viewlet types include: tables, graphs, heat maps, score cards, consoles and topology.  Templates for all Viewlet types along with jKQL queries are provided as samples.

How to view my data after successful streaming to jkoolcloud?

Logon to jkoolcloud with your credentials

  • Select your repository (not Sample) when prompted to select repository.
  • Sample repository contains only sample data set.
  • Streamed data goes to your private repository associated with the API access token.

Create a new dashboard and a new viewlet with a query like: “get events show as table”
See Tutorial for more information.

Query Language

Please describe jKool's query language

All our Viewlets are driven by our English-like query language called jKQL. But, it is so much more than a query language. It is more of a natural analysis language that requires far fewer statements than SQL, provides built-in features such as compare and supports streaming operators. It enables the user to search, filter, group and count data. It is designed to be used by both the business user and the data scientist.

Why use jKQL when there is SQL?

SQL stands for structured query language. It was designed for analysis of data that fits into columns and rows. To find correlations across multiple disparate data sources where this structure is not available requires more than SQL can provide.

API

Does jKool provide an open-source API for instrumentation?

Our open-source API is an easy-to-use solution for streaming data from applications. The API captures and streams application activities (Java, log4j, RESTFul and more) and is used to instrument your applications and acquire system metrics. It was designed to help with the diagnosis of concurrent, multi-threaded applications and those integrated with external services.

The API encapsulates streaming, metrics, state and context into a simple, extensible java framework.

I have my own custom logging framework, what are my options?

Use JESL (jKool Event Streaming Library) which is based on TNT4J open source streaming framework to stream logs, events, metrics, transactions to jKool.

How does jKool handle streams?

jKool analyzes all streams in real-time: meaning all events streams are processed as soon as they arrive to jKool.

All streams are split into 2 paths in parallel: short path (real-time) with ms latency, long path (seconds latency).
Hence you can see real-time view of your event streams using "subscribe to" JKQL verb and get historical view of your events using "get" verb.

Example real time query: "subscribe to events show as linechart"

Example historical query: "get events for today show as linechart"

NOTE: Analyzed real-time streams show up on display before they get persisted to storage.

How can I tell if I am streaming syslog, log4j?

If you are streaming data using JESL syslog daemon or log4j/logback appender.

  • Make sure tnt4j.properties has the right API access token (included in your jkoolcloud registration email, or "About jKool" menu on your dashboard). 
  • If you using log4j/logback appenders, include the following java properties:
    • tnt4j.dump.on.vm.shutdown=true
    • tnt4j.dump.on.exception=true
    • tnt4j.dump.provider.default=true
  • Check <name>.dump file generated when streaming application stops. 
    • Open .dump file and find: "JKCloudEventSink" it should show events, bytes sent, any errors, etc, etc — all the stats related to streaming.

Get Started Free