Book Image

Learning ELK Stack

By : Saurabh Chhajed
Book Image

Learning ELK Stack

By: Saurabh Chhajed

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning ELK Stack
Saurabh Chhajed
Nov, 2015 | 206 pages
No titles found
Table of Contents (17 chapters)
Learning ELK Stack
Learning ELK Stack
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introduction to ELK Stack
Introduction to ELK Stack
The need for log analysis
Challenges in log analysis
The ELK Stack
ELK data pipeline
ELK Stack installation
Summary
2
Building Your First Data Pipeline with ELK
Building Your First Data Pipeline with ELK
Input dataset
Configuring Logstash input
Filtering and processing input
Putting data to Elasticsearch
Visualizing with Kibana
Summary
3
Collect, Parse and Transform Data with Logstash
Collect, Parse and Transform Data with Logstash
Configuring Logstash
Logstash plugins
Summary
4
Creating Custom Logstash Plugins
Creating Custom Logstash Plugins
Logstash plugin management
Plugin lifecycle management
Structure of a Logstash plugin
Summary
5
Why Do We Need Elasticsearch in ELK?
Why Do We Need Elasticsearch in ELK?
Why Elasticsearch?
Elasticsearch basic concepts
Exploring the Elasticsearch API
Elasticsearch Query DSL
Elasticsearch plugins
Summary
6
Finding Insights with Kibana
Finding Insights with Kibana
Kibana 4 features
Kibana interface
Summary
7
Kibana – Visualization and Dashboard
Kibana – Visualization and Dashboard
Visualize page
Dashboard page
Summary
8
Putting It All Together
Putting It All Together
Input dataset
Configuring Logstash input
Visualizing with Kibana
Summary
9
ELK Stack in Production
ELK Stack in Production
Prevention of data loss
Data protection
System scalability
Data retention
ELK Stack implementations
ELK at SCA
ELK at Cliffhanger Solutions
Kibana demo – Packetbeat dashboard
Summary
10
Expanding Horizons with ELK
Expanding Horizons with ELK
Elasticsearch plugins and utilities
ELK roadmap
Summary
Index
Index

Kibana 4 features

Some of the unique features in Kibana 4 are as follows:

Search highlights

Search terms are highlighted in the list of documents shown after the search:

Search highlight in Kibana 4

Elasticsearch aggregations

Kibana 4 makes extensive use of Elasticsearch aggregations and sub aggregations to provide more than one aggregation for visualizations. There are mainly two types of aggregations—Bucketing and Metrics. Bucketing produces a list of buckets, each one with a set of documents belonging to it, for example, terms, range, histograms, and so on. Metrics calculate the compute metrics for a set of documents, for example, min, max, sum, average, and so on. These types of computations can only be done on numeric type of fields.

Scripted fields

Scripted fields are used to make computations on the fly on indexed data. For example, for a certain field you always want to multiply by 100 before you show it. You can save it as a scripted field. Scripted fields, though, can't be searched.

Let...

Previous Section
End of Section 2
Next Section