There is an excellent how-to blog post written by Philippe Creux on how to deploy the ELK stack. He goes on to explain in detail his Logstash configuration files and other technical details.
For anyone looking to get a quick start on ELK, I would recommend browsing through this article.
ELK has been creating a lot of buzz, and for good reasons. It is fast, reliable, highly scalable and, above all, easy to set up. It is totally cloud friendly. Almost every setting in Elasticsearch is preconfigured and ready to use for production deployment (note: almost).
Though not necessary, it is recommended to introduce a queuing mechanism before Logstash crunches the data and sends it to Elasticsearch. This queue provides a buffer so that Logstash does not get overloaded by a surge in data. This gives you time to react and scale your environment without choking. RabbitMQ is a popular choice for the ELK stack.
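A sketch of the buffered layout described above, added here as an example and not taken from Philippe Creux's article: a shipper pipeline publishes events to RabbitMQ and a separate indexer pipeline drains the queue into Elasticsearch. The host names, file paths, exchange and queue names, user names and index pattern are all assumptions.

```logstash
# --- shipper.conf (runs on the hosts that produce logs) ---
input {
  file { path => "/var/log/app/*.log" }        # assumed log location
}
output {
  rabbitmq {
    host          => "mq.example.internal"     # assumed broker host
    port          => 5671                      # AMQP over TLS
    ssl           => true
    user          => "logstash_shipper"        # assumed publish-only account
    password      => "${RABBITMQ_SHIPPER_PASSWORD}"  # read from the environment, not hard-coded
    exchange      => "logstash"
    exchange_type => "direct"
    key           => "logs"
    durable       => true                      # exchange survives a broker restart
    persistent    => true                      # messages are written to disk
  }
}

# --- indexer.conf (runs next to Elasticsearch) ---
input {
  rabbitmq {
    host           => "mq.example.internal"
    port           => 5671
    ssl            => true
    user           => "logstash_indexer"       # assumed consume-only account
    password       => "${RABBITMQ_INDEXER_PASSWORD}"
    queue          => "logstash"
    exchange       => "logstash"
    key            => "logs"
    durable        => true
    ack            => true                     # events leave the queue only once Logstash has taken them
    prefetch_count => 256                      # caps unacknowledged events per consumer during a surge
  }
}
output {
  elasticsearch {
    hosts => ["http://localhost:9200"]         # assumed local node
    index => "logs-%{+YYYY.MM.dd}"
  }
}
```

With this split, a surge piles up in the durable queue instead of in Logstash, and separate publish-only and consume-only broker accounts keep a compromised log source from reading other hosts' events.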
Here is the full article. Many thanks to the folks at Brewhouse for sharing this.