Book Image

Learning ELK Stack

By : Saurabh Chhajed
Book Image

Learning ELK Stack

By: Saurabh Chhajed

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Learning ELK Stack
Saurabh Chhajed
Nov, 2015 | 206 pages
No titles found
Table of Contents (17 chapters)
Learning ELK Stack
Learning ELK Stack
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Introduction to ELK Stack
Introduction to ELK Stack
The need for log analysis
Challenges in log analysis
The ELK Stack
ELK data pipeline
ELK Stack installation
Summary
2
Building Your First Data Pipeline with ELK
Building Your First Data Pipeline with ELK
Input dataset
Configuring Logstash input
Filtering and processing input
Putting data to Elasticsearch
Visualizing with Kibana
Summary
3
Collect, Parse and Transform Data with Logstash
Collect, Parse and Transform Data with Logstash
Configuring Logstash
Logstash plugins
Summary
4
Creating Custom Logstash Plugins
Creating Custom Logstash Plugins
Logstash plugin management
Plugin lifecycle management
Structure of a Logstash plugin
Summary
5
Why Do We Need Elasticsearch in ELK?
Why Do We Need Elasticsearch in ELK?
Why Elasticsearch?
Elasticsearch basic concepts
Exploring the Elasticsearch API
Elasticsearch Query DSL
Elasticsearch plugins
Summary
6
Finding Insights with Kibana
Finding Insights with Kibana
Kibana 4 features
Kibana interface
Summary
7
Kibana – Visualization and Dashboard
Kibana – Visualization and Dashboard
Visualize page
Dashboard page
Summary
8
Putting It All Together
Putting It All Together
Input dataset
Configuring Logstash input
Visualizing with Kibana
Summary
9
ELK Stack in Production
ELK Stack in Production
Prevention of data loss
Data protection
System scalability
Data retention
ELK Stack implementations
ELK at SCA
ELK at Cliffhanger Solutions
Kibana demo – Packetbeat dashboard
Summary
10
Expanding Horizons with ELK
Expanding Horizons with ELK
Elasticsearch plugins and utilities
ELK roadmap
Summary
Index
Index

Input dataset

The input dataset is a continuous stream of Tomcat access logs in the following format:

10.0.0.2 - - [08/Sep/2015:17:39:46 +0100] "GET /elk/demo/10 HTTP/1.1" 200 40
10.0.0.2 - - [08/Sep/2015:17:39:47 +0100] "GET /elk/demo/11 HTTP/1.1" 200 39
10.0.0.3 - - [08/Sep/2015:17:39:48 +0100] "GET /elk/demo/12 HTTP/1.1" 200 39
10.0.0.2 - - [08/Sep/2015:17:39:49 +0100] "GET /elk/demo/13 HTTP/1.1" 200 39
10.0.0.2 - - [08/Sep/2015:17:39:50 +0100] "GET /elk/demo/14 HTTP/1.1" 200 39
10.0.0.4 - - [08/Sep/2015:17:39:51 +0100] "GET /elk/demo/15 HTTP/1.1" 200 40
10.0.0.2 - - [08/Sep/2015:17:39:52 +0100] "GET /elk/demo/16 HTTP/1.1" 200 39
10.0.0.2 - - [08/Sep/2015:17:39:53 +0100] "GET /elk/demo/17 HTTP/1.1" 200 39
10.0.0.5 - - [08/Sep/2015:17:39:54 +0100] "GET /elk/demo/18 HTTP/1.1" 200 39
10.0.0.2 - - [08/Sep/2015:17:39:55 +0100] "GET /elk/demo/19 HTTP/1.1" 200 39
10.0.0.2 - - [08/Sep/2015:17:39:56 +0100] "GET /elk/demo/20 HTTP/1.1" 200 40
10.0.0.6 - - [08/Sep/2015:17:39:57 +0100] "GET /elk/demo...
Previous Section
End of Section 2
Next Section