Search and analyse your data in realtime

Elasticsearch

The Open Source Enterprise search server

Elasticsearch is a distributed search and analytics server, which represents the core of the Elastic Stack. The communication between Elasticsearch and the service consumer is almost exclusively based on JSON via REST interface. This has the advantage that even smaller read and write operations can be tested and developed using CURL, without having to resort to a heavy-weight API.

Scaling

Especially Elasticsearch stands out because it brings along everything that is needed for scaling and distribution of the installation. If an increase is necessary due to increasing load, then Elasticsearch only needs to be notified of a new server.

It then takes care of the redistribution of data and inquiries independently.

Performance

All incoming data is immediately indexed by Elasticsearch. Whether log information, numeric or geographical data.

Since everything is indicated, boredom never arises. This means that all data can be retrieved and processed at tremendously high speed. And of course, the whole comes with a frantic fast full text search in the luggage.

Logstash

Flexible Log- and Eventmanagement

Logstash is an open source log management solution that specializes in channeling, filtering and distribution of log and event information. It supports a large number of input and output formats and thus integrates into almost any IT environment.

In short, Logstash is the open source solution for managing and analyzing log information and the tool of choice to address the increasing volume of information in an auditable manner. Logstash has a variety of input, filtering and output plug-ins. Thus all events and log messages available in your network can be received, processed and forwarded.

Integration

Logstash supports a variety of inputs and outputs to process and forward the various information from a variety of sources. In addition to standards such as syslog, pipe and SNMP traps, various message brokers are also supported.

The integration of application logs is thus possible without further detours and requires no installation of additional third-party software.

input { stdin { } }

filter {
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
  date {
    match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  elasticsearch { hosts => ["localhost:9200"] }
  stdout { codec => rubydebug }
}

Kibana

Your look in the Elastic Stack

Kibana visualizes and analyzes the data stored in Elasticsearch. Sophisticated filtering option allows the construction of dashboards for all data stored in Elasticsearch.

Working with Kibana is the real reward for the effort invested in collecting the log and event information in advance. The access to all stored information is very fast and no deeper knowledge of a query language like SQL is necessary.

Of course understanding the underlying intersections of the queried data is an advantage in order to get to the goal quickly, but even without it, visual viewing of the data is simply fun.

Geoinformation can easily be used in Kibana to create a local data reference. With the help of the Geoip filter plug-in, log data can be enriched with corresponding geoinformation based on the existing IP address.

Elasticsearch is more than a pure index database and has a powerful time series engine, the so-called Timeseries. This allows performance information from log data to be stored and analyzed for longer periods of time.

Beats

Collect, analyse and distribute

Beats is the platform to build lightweight data collectors for a variety of data types to enrich with Logstash, search and analyze in Elasticsearch, and visualize in Kibana.

If you are interested in log files, infrastructure metrics or network packages, Elastic Beats is a must.

Packetbeat

Network data provides a deep insight into the interaction of your applications. Packetbeat is an open source project designed to analyze in real time data from web, database and other protocols.

Packetbeat can be extended for any purpose with additional protocols and metrics.

Topbeat

Resource utilization is usually the first clue in the analysis of operating problems.

Topbeat was developed as a lightweight way to gather CPU, memory and other system-wide data, and passes the data to Elasticsearch or Logstash.

Winlogbeat

For Windows Eventlogs the Winlogbeats represent a special variant of the Filebeats, which was developed especially for the collection of Eventlogs.

The result is a lightweight solution for centrally storing Windows log data in Elasticsearch with the usual filtering and enrichment capabilities with Logstash.

Starterpaket

The simple beginning of something big

With our starter packs we want to simplify the entry into the log management with the Elastic Stack (Elasticsearch, Logstash and Kibana) and offer a cost-effective way to get to know the open source system without first having to go into large financial inputs, such as commercial products often the case.

our experienced consultants will be there for 4 or 7 days, set up the system directly on site and provide the basics for further operation. The package is settled at a fixed price and there are no additional costs.

Elastic Stack Starterpaket Standard

We recommend that you visit our Elastic Stack Training before booking the Elastic Stack Starter Pack Standard. This training is already included in the Elastic Stack Starter Package Premium.

  • Joint workshop on log and event management
  • Introduction to the components Logstash, Elasticsearch, Kibana and Beats
  • Installation and basic configuration on customer hardware
  • Exemplary integration of customer logs and evaluation with the help of Kibana

Elastic Stack Starterpaket Premium

  • Elastic stack training (4 days for 3 participants – additional participants possible for an extra charge – 6 max.) *
  • Joint workshop on log and event management
  • Introduction to the components Logstash, Elasticsearch, Kibana and Redis
    Installation and basic configuration on customer hardware
  • Exemplary integration of customer logs and evaluation with the help of Kibana

* The training will cover the scope of the Elastic Stack training and will be conducted on-site
(including rental notebooks, training material and attendee certificates)

News

Posts from our Blog

Elastic Stack viel neues, aber sicher!

by | Jul 5, 2019 | Elastic Stack, NETWAYS

Mit der Veröffentlichung von Elastic Stack 7 kamen bereits eine Menge Neuerungen in den Stack aber auch in den beiden darauf folgenden Releases Elastic Stack 7.1 und 7.2 wurde es nicht langweilig. Vieles davon wurde aber nicht sonderlich ins Rampenlicht gerückt oder...

Von Ausbildung und Grok Debuggern

by | Jun 14, 2019 | Elastic Stack, German, NETWAYS

Vor mittlerweile einigen Wochen hatte ich eine "Elastic Stack"- Schulung bei Daniel. Bei der in wenigen Tagen alle Bestandteile des Stacks erst oberflächlich und dann in Tiefe bearbeitet worden sind. Elastic Stack ist ein Set von Tools, die zwar von der gleichen Firma...

Webinars

Our Webinars for Elastic

subscribeSubscribe
«
Prev
1
/
2
Next
»
loading
play
ElasticStack: Grundlagen der zentralen Logdatenverwaltung (Webinar vom 15. März 2016)
play
Logstash: Open Source Log Management (Webinar vom 20. Februar 2014)
play
Logstash: Logfile Archivierung leicht gemacht (Webinar vom 06. Dezember 2013)
«
Prev
1
/
2
Next
»
loading

Trust the market leader

We are happy to bring you our experience from more than 500 projects. Whether professional services, training or support your environment.

Contact us now

Support vom Spezialisten

We are happy to support your elastic stack environment through our support team. From help in the event of a fault to complete takeover.

Our support models

Icinga

Elastic

Graylog

Grafana