Log Aggregation and Infrastructure Metrics with the Elastic Stack

• What we'll do
Summary
The Elastic Stack is the rebranded ELK stack. It has Elasticsearch at its core for the data store and search engine. Beats are used as data shippers which includes Filebeat, Metricbeat, Packetbeat, and others. Logstash can be used at the edge for things like listening to syslog and for manipulating data prior to ingesting it in Elasticsearch. Kibana is the visualization layer which includes the ability to view logs, create time series graphs, heatmaps, geolocation maps, and many more visualization types. X-Pack includes some free and some commercial add ons to solve RBAC, alerting, machine learning, cluster monitoring, and more. All these pieces provide a powerful ecosystem for monitoring a production environment, quickly finding the root cause for performance issues, and for searching logs across your infrastructure.

Bio
Jeff Spahr is the Systems Infrastructure Architect at Bandwidth. He's been using the Elastic Stack for about a year for centralized logging, DNS metrics, and system metrics for linux servers and Kubernetes clusters.

• What to bring

• Important to know