ELK Stack - Elasticsearch, Logstash and Kibana

E - Elasticsearch

L - Logstash

K - Kibana


The ELK Stack is a collection of three main open-source products developed, managed and maintained by Elastic.

The ELK Stack is designed to allow users to take data from any source, in any format, and to search, analyze, and visualize that data in real time.

ELK provides centralized logging that can be useful when attempting to identify problems with servers or applications. It allows you to search all your logs in a single place. It also helps to find issues that occur across multiple servers by connecting their logs during a specific time frame.
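The cross-server correlation described above can be sketched in plain Python. This is an added example, not code from the original post and not ELK code: it parses raw lines into structured events and then looks for source addresses that fail logins on several servers inside one time window. The host names, log lines and IP addresses (documentation ranges) are constructed, and `parse` and `correlate_failures` are hypothetical helper names.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines, as a shipper would collect them from three servers.
RAW_LOGS = [
    ("web01", "2024-05-01T10:00:03Z sshd[811]: Failed password for root from 203.0.113.7 port 50122 ssh2"),
    ("web02", "2024-05-01T10:00:41Z sshd[402]: Failed password for admin from 203.0.113.7 port 50388 ssh2"),
    ("db01", "2024-05-01T10:01:10Z sshd[977]: Failed password for root from 203.0.113.7 port 50911 ssh2"),
    ("web01", "2024-05-01T10:02:00Z sshd[811]: Accepted publickey for deploy from 198.51.100.20 port 40022 ssh2"),
    ("db01", "2024-05-01T13:30:00Z sshd[977]: Failed password for backup from 192.0.2.55 port 41000 ssh2"),
    ("web02", "2024-05-01T18:45:00Z sshd[402]: Failed password for backup from 192.0.2.55 port 41877 ssh2"),
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) \S+ for "
    r"(?P<user>\S+) from (?P<src_ip>\S+) port \d+"
)

def parse(host, line):
    """Turn one raw line into a structured event (the processing stage)."""
    m = LINE_RE.match(line)
    if m is None:
        return None  # unparseable lines are skipped, not guessed at
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
    return {"ts": ts, "host": host, "outcome": m["outcome"],
            "user": m["user"], "src_ip": m["src_ip"]}

def correlate_failures(events, window=timedelta(minutes=5), min_hosts=2):
    """Map src_ip -> hosts, for IPs failing logins on >= min_hosts servers in one window."""
    by_ip = defaultdict(list)
    for e in events:
        if e["outcome"] == "Failed":
            by_ip[e["src_ip"]].append(e)
    hits = {}
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans at most `window`.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            hosts = {e["host"] for e in evs[start:end + 1]}
            if len(hosts) >= min_hosts:
                hits[ip] = sorted(set(hits.get(ip, [])) | hosts)
    return hits

# All six constructed lines parse; only failed logins are correlated.
EVENTS = [e for e in (parse(h, l) for h, l in RAW_LOGS) if e]
```

With the logs of all three servers in one place, the address that touches every host within about a minute stands out, while the two failures hours apart on different hosts do not.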

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. As the heart of the Elastic Stack, it centrally stores your data for lightning fast search, fine‑tuned relevancy, and powerful analytics that scale with ease.[1]

Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite "stash."[2]

Kibana is a free and open user interface that lets you visualize your Elasticsearch data and navigate the Elastic Stack. Do anything from tracking query load to understanding the way requests flow through your apps.[3]


This is the simplest pipeline of the ELK Stack. The different components of the ELK Stack provide a simple yet powerful solution for log management and analytics.
The various components in the ELK Stack were designed to interact and play nicely with each other without too much extra configuration.

However, one more component, called Beats, is needed for data collection. This led Elastic to rename ELK as the Elastic Stack.


Beats is a free and open platform for single-purpose data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch. They are lightweight.

In this simple mechanism, Beats collects log files on the machine and sends them to Logstash for processing. Elasticsearch stores that data for use by Kibana. Here Elasticsearch works as a database, and Beats can send data to Logstash through the open ports. In the ELK Stack, the default port allocation is as follows.

Next time we will discuss installing ELK on Linux with step-by-step guidance.

References:
[1] https://www.elastic.co/elasticsearch
[2] https://www.elastic.co/logstash
[3] https://www.elastic.co/kibana
[4] https://logz.io/learn/
[5] https://www.guru99.com/
