
Details

We're excited to bring the community together for an evening of learning and connection!
Come support your fellow developers, learn something new, and meet others who are passionate about search, observability, and security.

Date and Time:
Thursday, March 12th, from 5:30-7:30 pm

Agenda:

  • 5:30 pm: Doors open; say hi, grab a seat, and eat some food.
  • 6:00 pm: Building Agentic AI on ELK stack, by Gleb Gadyatskiy, Principal Engineer at PointClickCare
  • 6:30 pm: Q&A
  • 6:40 pm: "One Does Not Simply Query a Stream", by Viktor Gamov, Principal Developer Advocate at Confluent
  • 7:10 pm: Q&A
  • 7:20-7:30 pm: Networking & refreshments

Talk Abstracts:
"Building Agentic AI on ELK stack"

The story of how I built an AI Agent using pure ELK + LLM to automate incident investigations

  1. What an AI Agent and ELK are, and why I decided to build an AI Agent using only ELK
  2. Building a simple AI Agent using pure Logstash pipelines
  3. Building an advanced AI Agent using a Ruby plugin
  4. Connecting the AI Agent to Elastic AI Assistant

Gleb Gadyatskiy is a Principal Engineer at PointClickCare. He is part of the Infrastructure Architecture team and describes his role as “the first line in attack and the last line in defense”. Gleb provides support for all teams to aggregate logs from various apps into Elasticsearch and use AI to get insights from logs, and he actively promotes the Elastic Stack at PointClickCare. Gleb enjoys outdoor traveling with his wife and two kids in a camper.

"One Does Not Simply Query a Stream"

Streaming data with Apache Kafka® has become the backbone of modern applications. While streams are ideal for continuous data flow, they lack built-in querying capabilities. Unlike databases with indexed lookups, Kafka’s append-only logs are designed for high-throughput processing—not for on-demand queries. This necessitates additional infrastructure to query streaming data effectively. Traditional approaches replicate stream data into external stores: relational databases like PostgreSQL for operational queries, object storage like S3 accessed via Flink, Spark, or Trino for analytics, and Elasticsearch for full-text search and log analytics. Each serves a purpose—but they also introduce silos, schema mismatches, freshness issues, and complex ETL pipelines that increase system fragility. In this session, we’ll explore solutions that aim to unify operational, analytical, and search workloads across real-time data. We'll demonstrate stream processing with Kafka Streams, Apache Flink®, and SQL engines; real-time analytics with Apache Pinot®; search capabilities with Elasticsearch; and modern lakehouse approaches using Apache Iceberg® with Tableflow to represent Kafka topics as queryable tables. While there's no one-size-fits-all solution, understanding the tools and trade-offs will help you design more robust and flexible architectures.

Viktor Gamov is a Principal Developer Advocate at Confluent, founded by the original creators of Apache Kafka®. With a rich background in implementing and advocating for distributed systems and cloud-native architectures, Viktor excels in open-source technologies. He is passionate about assisting architects, developers, and operators in crafting systems that are not only low in latency and scalable but also highly available.
As a Java Champion and an esteemed speaker, Viktor is known for his insightful presentations at top industry events like JavaOne, Devoxx, Kafka Summit, and QCon. His expertise spans distributed systems, real-time data streaming, JVM, and DevOps.
Viktor has co-authored "Enterprise Web Development" from O'Reilly and "Apache Kafka® in Action" from Manning.
Follow Viktor on X - @gamussa to stay updated with Viktor's latest thoughts on technology, his gym and food adventures, and insights into open-source and developer advocacy.

Location:
Improving Office
171 East Liberty St
Unit 235
Toronto, Ontario M6K 3P6

Directions (171 E Liberty St - Suite 235)
By transit
Streetcars 504 and 509 both travel close to the office (less than a 10-minute walk to the office from either). The Lakeshore GO train is also a 5-minute walk from the office.
By car/parking
On-street parking is available: there are a handful of paid parking spots directly in front of the entrance, with a large city parking lot across the street.
Entrance
The entrance to the office is beside the Bulk Barn entrance facing Hannah Street. There is an Improving logo on the door.
