Page MenuHomePhabricator
Create Task
Maniphest T167907

Incorporate data from the GeoIP2 ISP database to webrequest
Closed, ResolvedPublic8 Estimated Story Points
Actions

Description

Per @faidon's comment: One thing I've proposed before that could be useful for the raw logs & Druid, but perhaps even for the data in HDFS, is incorporating data from the GeoIP2 ISP database (which I don't believe we're subscribed to, but is fairly cheap). Being able to aggregate by ISP/AS number could be useful for these kind of investigations ("how many hits were by Yandex").

Details

SubjectRepoBranchLines +/-
Add ISP data to webrequest tableanalytics/refinerymaster+7 -4
Refactor geo-coding function and add ISPanalytics/refinery/sourcemaster+1 K -376
Customize query in gerrit

Related Objects
Search...

Event Timeline

Nuria created this task.Jun 14 2017, 6:33 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 14 2017, 6:33 PM
Nuria moved this task from Incoming to Operational Excellence Future on the Analytics board.Jun 15 2017, 3:48 PM
Krinkle mentioned this in T166967: Load webrequest raw data into druid so ops can use it for troubleshooting.Jun 23 2017, 6:41 PM
Nuria added a subtask: T160822: Filter local IPs before checking for geo info.Jun 26 2017, 4:17 PM
JAllemandou moved this task from Operational Excellence Future to Wikistats on the Analytics board.Aug 28 2017, 3:27 PM
faidon added a comment.Nov 23 2017, 9:21 PM

This came up again this week: I was looking into our network traffic in our various PoPs, to plan capacity and procure network links for eqsin (Singapore). There is traffic on our peering port in ulsfo, and there is no easy way to identify where it's coming from using our own tooling. Analyzing Netflows using a pmacct/Druid/Tranquility pipeline would be ideal, but we're very far from that being usable and useful, despite Analytics (very graciously!) helping us slowly get there (cf. T181036).

Having ISP names and their autonomous system numbers in Hadoop could be a useful alternative for us to extract the same statistics, and perhaps it'd be useful for other use cases as well? I can imagine e.g. performance drilling down in case of ISP issues, Zero giving an estimate to potential carriers, etc.

I realize you folks have a lot on your plate and this may not be high for your list, so until that happens, I wrote a script of my own to parse the 1:1000 logs on oxygen and import them on an SQLite database to run queries against. For the ISP data, they're currently based on the outdated GeoIP v1 ASN databases, and having GeoIP v2 ISP databases would already be a great step. If the $300/yr (or so) is an issue, we could cover it from TechOps' budget (and while I have access to our MaxMind account, I thought it'd be best to coordinate with you folks first :)). Upgrading oxygen to stretch would be helpful too, I'll sync with Luca/Otto next week about that, and if there are no gotchas or objections, tackle it myself.

faidon mentioned this in T138396: Create ops dashboard with info like ipv6 traffic split .Nov 23 2017, 9:22 PM
elukey subscribed.Nov 27 2017, 1:34 PM
faidon mentioned this in T181264: Refresh or replace oxygen.Nov 27 2017, 2:48 PM
Nuria added a comment.Nov 27 2017, 5:33 PM

Let's start buying a license for GeoIP v2 ISP databases

ayounsi subscribed.Nov 28 2017, 7:31 PM
Nuria added a comment.Dec 5 2017, 6:03 PM

Bought and being updated: https://gerrit.wikimedia.org/r/#/c/395549/

Nuria added a comment.Dec 5 2017, 6:04 PM

We should plan to add this to webrequest early q3

JAllemandou claimed this task.Jan 12 2018, 12:57 PM
JAllemandou edited projects, added Analytics-Kanban; removed Analytics.
JAllemandou moved this task from Next Up to In Progress on the Analytics-Kanban board.
gerritbot subscribed.Jan 12 2018, 12:58 PM

Change 403916 had a related patch set uploaded (by Joal; owner: Joal):
[analytics/refinery/source@master] Refactor geo-coding function and add ISP

https://gerrit.wikimedia.org/r/403916

gerritbot added a project: Patch-For-Review.Jan 12 2018, 12:58 PM
faidon awarded a token.Jan 12 2018, 3:59 PM
JAllemandou moved this task from In Progress to In Code Review on the Analytics-Kanban board.Jan 18 2018, 7:33 PM
JAllemandou set the point value for this task to 8.Jan 19 2018, 5:03 PM
JAllemandou merged a task: T160822: Filter local IPs before checking for geo info.
JAllemandou subscribed.
gerritbot added a comment.Jan 23 2018, 4:38 PM

Change 405899 had a related patch set uploaded (by Joal; owner: Joal):
[analytics/refinery@master] Add ISP data to webrequest table

https://gerrit.wikimedia.org/r/405899

gerritbot added a comment.Feb 13 2018, 7:37 PM

Change 403916 merged by Ottomata:
[analytics/refinery/source@master] Refactor geo-coding function and add ISP

https://gerrit.wikimedia.org/r/403916

Nuria moved this task from In Code Review to Ready to Deploy on the Analytics-Kanban board.Feb 14 2018, 5:17 PM
gerritbot added a comment.Feb 15 2018, 10:38 AM

Change 405899 merged by Joal:
[analytics/refinery@master] Add ISP data to webrequest table

https://gerrit.wikimedia.org/r/405899

JAllemandou moved this task from Ready to Deploy to Done on the Analytics-Kanban board.Feb 15 2018, 5:01 PM
Nuria closed this task as Resolved.Mar 2 2018, 9:07 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL