ELK stack stands for Elasticsearch, Logstash and Kibana. Together, these three components provide a centralized monitoring solution for your infrastructure. The ELK stack is not just a monitoring solution: it also comes with many other features, such as searching historical data, visualizing your monitoring status, quickly finding the root cause of a problem, machine learning, Graph and many more. It has lots of plugins that make it more interesting and useful in today's world, where we have hundreds of microservices and servers running in the cloud and in personal data centers.
Why ELK Stack?
ELK stack has some unique features that make it different from other monitoring tools and software. Some of them are given below.
- The most powerful and unique feature of the ELK stack is that it is lightweight.
- The core and very first component of ELK is Elasticsearch, which provides the unique functionality of searching for any error and status.
- A centralized database of all the servers and all types of monitoring status, like network, server, application, API, process and many more
- It provides a nice visualization tool in Kibana, but you are not limited to that; you can use other visualization tools as well, such as Grafana.
- Using Logstash, you can filter and convert your traces, data, errors, etc.
- There are several lightweight Beats, which make it more interesting: you need to install only the required Beat on the server instead of the whole software bundle. For example, if you need to monitor server health/status, you can install only Metricbeat.
- You can send alerts to your email and Slack channel.
- Lots of built-in plugins
- Lightweight shipper for application and server logs
- Direct connectivity with your database, Java Beans with the help of Jolokia, and application log monitoring with Filebeat.
- Power of Machine Learning.
- It's open source
In short, I just want to show that it is much more powerful than what is written above; you can do whatever is required for your infrastructure and even for your business team.
How to install the ELK stack?
Steps to setup the ELK stack in your infrastructure
- Choose the installation method
Depending on your connectivity or requirements, you can choose the correct option for your installation.
If you want to install using the repository, you can add the ELK stack repository to your server and run the yum/apt command to install the components.
Alternatively, you can download the RPM or just the tar.gz file. The installation method and post-installation steps differ between these modes, so I recommend following the official website for the installation of all the modules and components.
- However, if you choose to download the ELK stack, you can download it from here.
First, you need to download/install the ELK stack from the Elasticsearch website.
- Select the Beats as per your requirement.
Metricbeat for server monitoring, such as server load, CPU utilization, disk I/O, disk space, memory utilization, process status, etc.
Filebeat if you want to monitor logs.
Heartbeat if you want to monitor the up/down status of your processes, such as a remote HTTP URL or an application running on a specific port; in short, it provides the functionality to do HTTP requests, telnet and ping.
Packetbeat is for network monitoring.
- Configuration of the beats
Configuration of the Beats is also very easy compared to other tools: you just need to put the IP address of the component in your configuration files. See the integration architecture below for how the Beats are connected to the ELK stack.
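As an added example (not from the original post), here is a minimal filebeat.yml showing where the Logstash address goes, with TLS enabled so that log events are not shipped across the network in cleartext. The IP addresses, log path, input id and certificate paths are placeholders; port 5044 is the conventional port for the Logstash Beats input.

```yaml
# filebeat.yml (constructed example; addresses and paths are placeholders)

filebeat.inputs:
  - type: filestream
    id: app-logs                     # hypothetical input id
    paths:
      - /var/log/myapp/*.log         # hypothetical application log path

# Ship events to Logstash. This is the "IP address of the component"
# that the configuration step refers to.
output.logstash:
  hosts: ["192.0.2.10:5044"]         # placeholder IP of the Logstash host
  # Without an ssl section, Beats sends events to Logstash unencrypted
  # and does not verify which server it is talking to.
  ssl:
    certificate_authorities: ["/etc/filebeat/certs/ca.crt"]   # assumed path
    certificate: "/etc/filebeat/certs/filebeat.crt"           # assumed path, client cert for mutual TLS
    key: "/etc/filebeat/certs/filebeat.key"                   # assumed path

# Alternative: send directly to Elasticsearch instead of Logstash.
# Only one output may be enabled at a time.
# output.elasticsearch:
#   hosts: ["https://192.0.2.20:9200"]                        # placeholder IP
#   ssl.certificate_authorities: ["/etc/filebeat/certs/ca.crt"]
```

The Logstash Beats input must be configured with matching TLS settings for the connection to succeed.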