Adding blog post to show case the new PPL capabilities and CLI tool #3994
Conversation
Signed-off-by: Anas Alkouz <[email protected]>
anasalkouz
requested review from
AMoo-Miki,
CEHENKLE,
elfisher,
kolchfa-aws,
krisfreedain,
natebower,
nateynateynate,
nknize and
peterzhuamazon
as code owners
|
Thank you for submitting a blog post! The blog post review process is: Submit a PR -> (Optional) Peer review -> Doc review -> Editorial review -> Marketing review -> Published. |
Signed-off-by: Anas Alkouz <[email protected]>
Swiddis
left a comment
Swiddis
left a comment
There was a problem hiding this comment.
Thanks for drafting this! The examples are technically solid, there's some great coverage here. I learned some new stuff about commands I didn't directly work with.
I think we could stand to restructure it a bit to be more story-driven and less encyclopedic. Especially for a blog I'd like to see something more beginner-friendly.
| has_science_table: false | ||
| --- | ||
|
|
||
| OpenSearch's Piped Processing Language (PPL) evolves significantly with new and enhanced capabilities that reshape how you handle log analytics and observability workflows. This comprehensive update streamlines how you troubleshoot applications, monitor system performance, and analyze security events, providing essential tools to extract meaningful insights from your observability data. Through enhanced features and refined functionality, teams can navigate complex log analysis with greater precision and clarity. |
There was a problem hiding this comment.
This intro is very abstract. It talks a lot about reshaping workflows without any point of reference.
Some readers might not know what PPL is, and those that use it might not have a great feeling for what the current state is. Could we maybe start with a brief introduction of what PPL is and what problem it solves? Something like "PPL is OpenSearch's query language for..."
| OpenSearch's Piped Processing Language (PPL) evolves significantly with new and enhanced capabilities that reshape how you handle log analytics and observability workflows. This comprehensive update streamlines how you troubleshoot applications, monitor system performance, and analyze security events, providing essential tools to extract meaningful insights from your observability data. Through enhanced features and refined functionality, teams can navigate complex log analysis with greater precision and clarity. | ||
|
|
||
| ## What's new in OpenSearch PPL? | ||
| Let's explore the new PPL commands and functions through practical examples of common log analytics use cases. These examples demonstrate how PPL enhanced capabilities can help you analyze logs more effectively, from combining multiple data sources to processing unstructured log data and performing time-series analysis. We'll also cover significant performance improvements in this release, including the integration with Apache Calcite as the query engine. |
There was a problem hiding this comment.
I think before getting straight to what's new, we should cover some historic pain points we've resolved.
For people who have tried it before and found it unsatisfactory, this might be a good opportunity to win them back.
| OpenSearch's Piped Processing Language (PPL) evolves significantly with new and enhanced capabilities that reshape how you handle log analytics and observability workflows. This comprehensive update streamlines how you troubleshoot applications, monitor system performance, and analyze security events, providing essential tools to extract meaningful insights from your observability data. Through enhanced features and refined functionality, teams can navigate complex log analysis with greater precision and clarity. | ||
|
|
||
| ## What's new in OpenSearch PPL? | ||
| Let's explore the new PPL commands and functions through practical examples of common log analytics use cases. These examples demonstrate how PPL enhanced capabilities can help you analyze logs more effectively, from combining multiple data sources to processing unstructured log data and performing time-series analysis. We'll also cover significant performance improvements in this release, including the integration with Apache Calcite as the query engine. |
There was a problem hiding this comment.
As a point of preference, I would also rather avoid hedging with "look at these examples," just start with the examples.
If we want to show how much we've improved, let's take a case that we previously couldn't do, that's now easy.
We also hedge a second time in the next paragraph, with "Below are scenarios where new commands..."
|
@kolchfa-aws @natebower - Adding you both to push this into review. |
Signed-off-by: Anas Alkouz <[email protected]>
Signed-off-by: Anas Alkouz <[email protected]>
|
|
||
| For more information, check out: | ||
|
|
||
| * PPL Documentation: https://github.com/opensearch-project/sql/blob/main/docs/user/ppl/index.rst |
There was a problem hiding this comment.
Is there a reason we're not linking to the doc site PPL documentation? https://docs.opensearch.org/latest/search-plugins/sql/ppl/index/
There was a problem hiding this comment.
Should be fine as well. github documentation is more updated. but we will update website documentation anyway soon
There was a problem hiding this comment.
@anasalkouz Thanks - the doc site should contain the latest updates as well. Please let me know when you're done addressing comments and the blog is ready for my review.
Signed-off-by: Anas Alkouz <[email protected]>
Swiddis
left a comment
Swiddis
left a comment
There was a problem hiding this comment.
lgtm from tech & presentation side, still need to address style-job comments
As an extra style nit, variable casing should be consistent, e.g. line 62 does logLevel, userid, sourceip instead of logLevel, userId, sourceIp.
kolchfa-aws
added
Doc review
Signed-off-by: Fanit Kolchina <[email protected]>
|
@anasalkouz Doc review complete. I pushed my changes into this PR. Could you please add a bio and picture for Ritvi Bhatt (there doesn't seem to be an existing one). See https://github.com/opensearch-project/project-website/blob/main/BLOG_GUIDE.md#authors |
@kolchfa-aws Here is the PR to add Ritvi information: #4013 |
Signed-off-by: Nathan Bower <[email protected]>
natebower
left a comment
natebower
left a comment
There was a problem hiding this comment.
Thanks @anasalkouz! LGTM
@pajuric This should be ready to publish.
natebower
added
Done and ready to publish
5 participants
Description
Technical blog post to show case the OpenSearch's new Piped Processing Language Capabilities
Issues Resolved
Closes #3974
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the BSD-3-Clause License.