https://community.databricks.com/t5/data-engineering/how-to-push-cluster-logs-to-elastic-search/m-p/26993#M18910 <P>We can use the below steps to push Cluster Logs to Elastic Search:</P><P></P><P>1. Download the log4j-elasticsearch-java-api repo and build the jar file:</P><PRE><CODE>git clone <A href="https://github.com/Downfy/log4j-elasticsearch-java-api.git" target="test_blank">https://github.com/Downfy/log4j-elasticsearch-java-api.git</A> cd log4j-elasticsearch-java-api/ mvn clean install -Dmaven.test.skip=true</CODE></PRE><P></P><P>2. Go to the Libraries tab of the cluster and upload the jar file (located at /target/log4j-elasticsearch-1.0.0-RELEASE.jar). Now the jar file should be saved to a DBFS location something like this: </P><PRE><CODE>dbfs:/FileStore/jars/9294d79f_8d33_4270_9a52_cc36c2651220-log4j_elasticsearch_1_0_0_RELEASE-970d7.jar</CODE></PRE><P>3. Zip the 30 dependent jar files at /target/lib into one file dependency.zip and copy it to DBFS. For example, you can use Databricks CLI to upload the files to DBFS:</P><P></P><PRE><CODE>dbfs mkdirs dbfs:/dilip/elkzip/ dbfs mkdirs dbfs:/dilip/elkjar/ dbfs cp Desktop/log4j-elasticsearch-java-api/target/dependency.zip dbfs:/dilip/elkzip/</CODE></PRE><P>4. Unzip the jar files to another DBFS location using the followig notebook command:</P><P></P><PRE><CODE>%sh unzip /dbfs/dilip/elkzip/dependency.zip -d /dbfs/dilip/elkjar/</CODE></PRE><P>5. Run the following Python notebook command to create the init script (please change the file name and path as appropriate):</P><P></P><PRE><CODE>%python dbutils.fs.put("/dilip/init-scripts/setLog4jProperties.sh",""" #!/bin/bash set -e cp /dbfs/FileStore/jars/9294d79f_8d33_4270_9a52_cc36c2651220-log4j_elasticsearch_1_0_0_RELEASE-970d7.jar /databricks/jars/ cp /dbfs/dilip/elkjar/*.jar /databricks/jars/ cat &lt;&lt; EOF &gt;&gt; /databricks/spark/dbconf/log4j/driver/log4j.properties # RootLogger log4j.rootLogger=INFO,stdout,elastic # Logging Threshold log4j.threshhold=ALL # # stdout # Add *stdout* to root logger above if you want to use this # log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n # ElasticSearch log4j appender for application log4j.appender.elastic=com.letfy.log4j.appenders.ElasticSearchClientAppender log4j.appender.elastic.elasticHost=internal-vip-elasticsearh-int-dev-7645241416321.us-west-2.elb.amazonaws.com log4j.appender.elastic.hostName=my_laptop log4j.appender.elastic.applicationName=elkdemo log4j.appender.elastic.elasticIndex=logging-elk log4j.appender.elastic.elasticType=logging EOF """, True)</CODE></PRE><P></P><P>6. Go to the cluster -&gt; "Advanced Options"-&gt;"Init Scripts", and then follow the steps outlined in section "Configure a cluster-scoped init script using the UI" in the following documentation (in our case, the path to the init-script is dbfs:/dilip/init-scripts/setLog4jProperties.sh)</P><P></P><P><A href="https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts" alt="https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts" target="_blank">https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts</A></P><P></P><P>7. Restart the cluster and check the driver logs. Logs should now be available on your Elastic Search.</P> Fri, 07 May 2021 14:52:09 GMT User15813097110 2021-05-07T14:52:09Z https://community.databricks.com/t5/data-engineering/how-to-push-cluster-logs-to-elastic-search/m-p/26992#M18909 Fri, 07 May 2021 14:48:09 GMT https://community.databricks.com/t5/data-engineering/how-to-push-cluster-logs-to-elastic-search/m-p/26992#M18909 User15813097110 2021-05-07T14:48:09Z https://community.databricks.com/t5/data-engineering/how-to-push-cluster-logs-to-elastic-search/m-p/26993#M18910 <P>We can use the below steps to push Cluster Logs to Elastic Search:</P><P></P><P>1. Download the log4j-elasticsearch-java-api repo and build the jar file:</P><PRE><CODE>git clone <A href="https://github.com/Downfy/log4j-elasticsearch-java-api.git" target="test_blank">https://github.com/Downfy/log4j-elasticsearch-java-api.git</A> cd log4j-elasticsearch-java-api/ mvn clean install -Dmaven.test.skip=true</CODE></PRE><P></P><P>2. Go to the Libraries tab of the cluster and upload the jar file (located at /target/log4j-elasticsearch-1.0.0-RELEASE.jar). Now the jar file should be saved to a DBFS location something like this: </P><PRE><CODE>dbfs:/FileStore/jars/9294d79f_8d33_4270_9a52_cc36c2651220-log4j_elasticsearch_1_0_0_RELEASE-970d7.jar</CODE></PRE><P>3. Zip the 30 dependent jar files at /target/lib into one file dependency.zip and copy it to DBFS. For example, you can use Databricks CLI to upload the files to DBFS:</P><P></P><PRE><CODE>dbfs mkdirs dbfs:/dilip/elkzip/ dbfs mkdirs dbfs:/dilip/elkjar/ dbfs cp Desktop/log4j-elasticsearch-java-api/target/dependency.zip dbfs:/dilip/elkzip/</CODE></PRE><P>4. Unzip the jar files to another DBFS location using the followig notebook command:</P><P></P><PRE><CODE>%sh unzip /dbfs/dilip/elkzip/dependency.zip -d /dbfs/dilip/elkjar/</CODE></PRE><P>5. Run the following Python notebook command to create the init script (please change the file name and path as appropriate):</P><P></P><PRE><CODE>%python dbutils.fs.put("/dilip/init-scripts/setLog4jProperties.sh",""" #!/bin/bash set -e cp /dbfs/FileStore/jars/9294d79f_8d33_4270_9a52_cc36c2651220-log4j_elasticsearch_1_0_0_RELEASE-970d7.jar /databricks/jars/ cp /dbfs/dilip/elkjar/*.jar /databricks/jars/ cat &lt;&lt; EOF &gt;&gt; /databricks/spark/dbconf/log4j/driver/log4j.properties # RootLogger log4j.rootLogger=INFO,stdout,elastic # Logging Threshold log4j.threshhold=ALL # # stdout # Add *stdout* to root logger above if you want to use this # log4j.appender.stdout=org.apache.log4j.ConsoleAppender log4j.appender.stdout.layout=org.apache.log4j.PatternLayout log4j.appender.stdout.layout.ConversionPattern=%d{ISO8601} %-5p %c{2} (%F:%M(%L)) - %m%n # ElasticSearch log4j appender for application log4j.appender.elastic=com.letfy.log4j.appenders.ElasticSearchClientAppender log4j.appender.elastic.elasticHost=internal-vip-elasticsearh-int-dev-7645241416321.us-west-2.elb.amazonaws.com log4j.appender.elastic.hostName=my_laptop log4j.appender.elastic.applicationName=elkdemo log4j.appender.elastic.elasticIndex=logging-elk log4j.appender.elastic.elasticType=logging EOF """, True)</CODE></PRE><P></P><P>6. Go to the cluster -&gt; "Advanced Options"-&gt;"Init Scripts", and then follow the steps outlined in section "Configure a cluster-scoped init script using the UI" in the following documentation (in our case, the path to the init-script is dbfs:/dilip/init-scripts/setLog4jProperties.sh)</P><P></P><P><A href="https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts" alt="https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts" target="_blank">https://docs.databricks.com/clusters/init-scripts.html#cluster-scoped-init-scripts</A></P><P></P><P>7. Restart the cluster and check the driver logs. Logs should now be available on your Elastic Search.</P> Fri, 07 May 2021 14:52:09 GMT https://community.databricks.com/t5/data-engineering/how-to-push-cluster-logs-to-elastic-search/m-p/26993#M18910 User15813097110 2021-05-07T14:52:09Z