Apache Eagle (called Eagle in the following) is an open source analytics solution for identifying security and performance issues instantly on big data platforms, e.g. Apache Hadoop, Apache Spark etc. It analyzes data activities, yarn applications, jmx metrics, and daemon logs etc., provides state-of-the-art alert engine to identify security breach, performance issues and shows insights.
Big data platform normally generates huge amount of operational logs and metrics in realtime. Eagle is founded to solve hard problems in securing and tuning performance for big data platforms by ensuring metrics, logs always available and alerting immediately even under huge traffic.
Eagle is accounced to be a Top Level Project (TLP) of Apache Software Foundation (ASF) on Jan. 10, 2017.
Eagle analyzes big data platforms and reports issues in 3 steps:
Streaming operational logs and data activities into Eagle platform, including but not limited to audit logs, map/reduce jobs, yarn resource usage, jmx metrics and various daemon logs etc.
Realtime stream data are normalized and then evaluated in alert engine with comprehensive policies including filter, slide window, batch window, and pattern match etc.
Generate alerts, show historical trend, and correlate alert with raw data
Eagle provides embedded, highly scalable alert engine for user to easily onboard any new data sources into Eagle platform and write comprehensive policies to alert for anomalies.