Using Impala Logging

The Impala logs record information about:

  • Any errors Impala encountered. If Impala experienced a serious error during startup, you must diagnose and troubleshoot that problem before you can do anything further with Impala.
  • How Impala is configured.
  • Jobs Impala has completed.

Locations and Names of Impala Log Files

  • By default, the log files are under the directory /var/log/impala. To change log file locations, modify the defaults file described in Starting Impala.
  • The significant files for the impalad process are impalad.INFO, impalad.WARNING, and impalad.ERROR. You might also see a file impalad.FATAL, although this is only present in rare conditions.
  • The significant files for the statestored process are statestored.INFO, statestored.WARNING, and statestored.ERROR. You might also see a file statestored.FATAL, although this is only present in rare conditions.
  • The significant files for the catalogd process are catalogd.INFO, catalogd.WARNING, and catalogd.ERROR. You might also see a file catalogd.FATAL, although this is only present in rare conditions.
  • Examine the .INFO files to see configuration settings for the processes.
  • Examine the .WARNING files to see all kinds of problem information, including such things as suboptimal settings and also serious runtime errors.
  • Examine the .ERROR and/or .FATAL files to see only the most serious errors, if the processes crash, or queries fail to complete. These messages are also in the .WARNING file.
  • A new set of log files is produced each time the associated daemon is restarted. These log files have long names including a timestamp. The .INFO, .WARNING, and .ERROR files are physically represented as symbolic links to the latest applicable log files.
  • The init script for the impala-server service also produces a consolidated log file /var/log/impalad/impala-server.log, with all the same information as the corresponding.INFO, .WARNING, and .ERROR files.
  • The init script for the impala-state-store service also produces a consolidated log file /var/log/impalad/impala-state-store.log, with all the same information as the corresponding.INFO, .WARNING, and .ERROR files.

Impala stores information using the glog_v logging system. You will see some messages referring to C++ file names. Logging is affected by:

  • The GLOG_v environment variable specifies which types of messages are logged. See Setting Logging Levels for details.
  • The --logbuflevel startup flag for the impalad daemon specifies how often the log information is written to disk. The default is 0, meaning that the log is immediately flushed to disk when Impala outputs an important messages such as a warning or an error, but less important messages such as informational ones are buffered in memory rather than being flushed to disk immediately.
  • Cloudera Manager has an Impala configuration setting that sets the -logbuflevel startup option.

Managing Impala Logs through Cloudera Manager or Manually

Cloudera recommends installing Impala through the Cloudera Manager administration interface. To assist with troubleshooting, Cloudera Manager collects front-end and back-end logs together into a single view, and let you do a search across log data for all the managed nodes rather than examining the logs on each node separately. If you installed Impala using Cloudera Manager, refer to the topics on Monitoring Services (CDH 5) or Logs (CDH 5).

If you are using Impala in an environment not managed by Cloudera Manager, review Impala log files on each host, when you have traced an issue back to a specific system.

Rotating Impala Logs

Impala periodically rotates logs. It switches the physical files representing the current log files and removes older log files that are no longer needed.

In Impala 2.2 and higher, the --max_log_files configuration option specifies how many log files to keep at each severity level (INFO, WARNING, ERROR, and FATAL). You can specify an appropriate setting for each Impala-related daemon (impalad, statestored, and catalogd).
  • A value of 0 preserves all log files, in which case you would set up set up manual log rotation using your Linux tool or technique of choice.
  • A value of 1 preserves only the very latest log file.
  • The default value is 10.

For some log levels, Impala logs are first temporarily buffered in memory and only written to disk periodically. The --logbufsecs setting controls the maximum time that log messages are buffered for. For example, with the default value of 5 seconds, there may be up to a 5 second delay before a logged message shows up in the log file.

It is not recommended that you set --logbufsecs to 0 as the setting makes the Impala daemon to spin in the thread that tries to delete old log files.

To set up log rotation on a system managed by Cloudera Manager 5.4.0 and higher:
  1. In the Impala Configuration tab, type max_log_files.
  2. Set the appropriate value for the Maximum Log Files field for each Impala configuration category, Impala, Catalog Server, and StateStore.
  3. Restart the Impala service.

In earlier Cloudera Manager releases, specify the -max_log_files=maximum option in the Command Line Argument Advanced Configuration Snippet (Safety Valve) field for each Impala configuration category.

Reviewing Impala Logs

By default, the Impala log is stored at /var/log/impalad/. The most comprehensive log, showing informational, warning, and error messages, is in the file name impalad.INFO. View log file contents by using the web interface or by examining the contents of the log file. (When you examine the logs through the file system, you can troubleshoot problems by reading the impalad.WARNING and/or impalad.ERROR files, which contain the subsets of messages indicating potential problems.)

On a machine named impala.example.com with default settings, you could view the Impala logs on that machine by using a browser to access http://impala.example.com:25000/logs.

You can view the contents of the impalad.INFO log file in the file system. With the default configuration settings, the start of the log file appears as follows:

[user@example impalad]$ pwd
/var/log/impalad
[user@example impalad]$ more impalad.INFO
Log file created at: 2013/01/07 08:42:12
Running on machine: impala.example.com
Log line format: [IWEF]mmdd hh:mm:ss.uuuuuu threadid file:line] msg
I0107 08:42:12.292155 14876 daemon.cc:34] impalad version 0.4 RELEASE (build 9d7fadca0461ab40b9e9df8cdb47107ec6b27cff)
Built on Fri, 21 Dec 2012 12:55:19 PST
I0107 08:42:12.292484 14876 daemon.cc:35] Using hostname: impala.example.com
I0107 08:42:12.292706 14876 logging.cc:76] Flags (see also /varz are on debug webserver):
--dump_ir=false
--module_output=
--be_port=22000
--classpath=
--hostname=impala.example.com

Understanding Impala Log Contents

The logs store information about Impala startup options. This information appears once for each time Impala is started and may include:

  • Machine name.
  • Impala version number.
  • Flags used to start Impala.
  • CPU information.
  • The number of available disks.

There is information about each job Impala has run. Because each Impala job creates an additional set of data about queries, the amount of job specific data may be very large. Logs may contained detailed information on jobs. These detailed log entries may include:

  • The composition of the query.
  • The degree of data locality.
  • Statistics on data throughput and response times.

Setting Logging Levels

Impala uses the GLOG system, which supports three logging levels. You can adjust the logging levels using the Cloudera Manager Admin Console. You can adjust logging levels without going through the Cloudera Manager Admin Console by exporting variable settings. To change logging settings manually, use a command similar to the following on each node before starting impalad:

export GLOG_v=1

For more information on how to configure GLOG, including how to set variable logging levels for different system components, see documentation for the glog project on github.

Understanding What is Logged at Different Logging Levels

As logging levels increase, the categories of information logged are cumulative. For example, GLOG_v=2 records everything GLOG_v=1 records, as well as additional information.

Increasing logging levels imposes performance overhead and increases log size. Cloudera recommends using GLOG_v=1 for most cases: this level has minimal performance impact but still captures useful troubleshooting information.

Additional information logged at each level is as follows:

  • GLOG_v=1 - The default level. Logs information about each connection and query that is initiated to an impalad instance, including runtime profiles.
  • GLOG_v=2 - Everything from the previous level plus information for each RPC initiated. This level also records query execution progress information, including details on each file that is read.
  • GLOG_v=3 - Everything from the previous level plus logging of every row that is read. This level is only applicable for the most serious troubleshooting and tuning scenarios, because it can produce exceptionally large and detailed log files, potentially leading to its own set of performance and capacity problems.

Redacting Sensitive Information from Impala Log Files

Log redaction is a security feature that prevents sensitive information from being displayed in locations used by administrators for monitoring and troubleshooting, such as log files, the Cloudera Manager user interface, and the Impala debug web user interface. You configure regular expressions that match sensitive types of information processed by your system, such as credit card numbers or tax IDs, and literals matching these patterns are obfuscated wherever they would normally be recorded in log files or displayed in administration or debugging user interfaces.

In a security context, the log redaction feature is complementary to the Sentry authorization framework. Sentry prevents unauthorized users from being able to directly access table data. Redaction prevents administrators or support personnel from seeing the smaller amounts of sensitive or personally identifying information (PII) that might appear in queries issued by those authorized users.

See How to Enable Sensitive Data Redaction for details about how to enable this feature and set up the regular expressions to detect and redact sensitive information within SQL statement text.