In ELK, the log collection is different kinds of beats like heartbeat, filebeat, metricbeat, etc. All the logs from various IT resources are first sent to the Log Collector.Ģ. In this figure, you can view the architectural flow as follows:ġ. Figure 1: Basic architectural flow of Elk Stack Alerts can also be set in case of any issue.įigure 1 gives the basic architectural flow of these three components for log analysis. Kibana is a user interface to visualise Elasticsearch data, and to create charts and graphs for efficient log analysis. It collects data from different sources, normalises it, and puts it in a stash called Elasticsearch.ģ. It is a data collection engine with capabilities of real-time pipelining. Logstash is a tool for shipping, processing and storing the logs collected from different sources. It offers speed and flexibility to handle this data with the use of indexes.Ģ. It stores and analyses the logs, security related events and metrics. Elasticsearch is a search and analytics engine. Combining these three tools will provide you all the features required to perform log analysis.ġ. Let’s now perform a log analysis with ELK Stack.Īs stated earlier, ELK Stack is the acronym for three open source tools: Elasticsearch, Logstash and Kibana.
0 Comments
Leave a Reply. |