Elastic Stack Log Analysis Guide

Uploaded by

brahimnewghazi

Elastic Stack demo

Hajar Abu- Rmeileh


Software Engineering Class
Supervisor: Dr. Wesam Herbawi
Jun 2023
Elastic Stack

Centralized logging

ELK

- Elasticsearch is a NoSQL database that is based on the Lucene search engine.
- Logstash is a log pipeline tool that accepts inputs from various sources, and exports the data to various targets.
- Kibana is a visualization UI layer that works on top of Elasticsearch.

These three projects are used together for log analysis in various environments.
- Logstash collects and parses logs.
- Elasticsearch indexes and stores this information.
- Kibana provides a UI layer that provides actionable insights.

[Figure: architecture diagram; arrows labelled "Pull logs"]


Filebeat is a lightweight shipper for forwarding and centralizing log data.


[Link]

Download Elasticsearch:
[Link]

Open [Link] and set:

    # Enable security features
    [Link]: false

Run [Link] from the bin folder.

[Link]

localhost:9200

Download Kibana:
[Link]

Run [Link] from the bin folder.

[Link]

localhost:5601

Download Logstash:
[Link]

Download Filebeat:
[Link]

Run from the bin folder (cmd):

    [Link] -e "input { stdin { } } output { stdout {} }"

[Link]

Create in the config folder:

[Link]

    input {
      stdin {
      }
    }

    output {
      elasticsearch {
        hosts => ["[Link]"]
        index => "hellodb"
      }
    }

Run from the bin folder:

    logstash -f ./config/[Link] --[Link]

Delete the registry folder:
C:\Users\admin\Downloads\filebeat-8.8.0-windows-x86_64\data\registry

Create in filebeat-8.8.0-windows-x86_64:

Log file [Link]

    [Link]:
    - type: log
      paths:
        - C:/Users/admin/Downloads/logstash-[Link]
    [Link]:
      pretty: true

Run in filebeat-8.8.0-windows-x86_64 (cmd):

    filebeat -e -c [Link] -d "publish"

[Link]

    [Link]:
    - type: log
      paths:
        - C:/Users/admin/Downloads/logstash-[Link]
    [Link]:
      hosts: ["localhost:5044"]

[Link]

    input {
      beats {
        port => "5044"
      }
    }
    # The filter part of this file is commented out to indicate that it is
    # optional.
    # filter {
    #
    # }
    output {
      stdout {}
    }

Delete the registry folder:
C:\Users\admin\Downloads\filebeat-8.8.0-windows-x86_64\data\registry

Then run, in this order:

1. [Link]

    logstash -f ./config/[Link] --[Link]

2. [Link]

    filebeat -e -c [Link] -d "publish"

[Link]

Delete the registry folder:
C:\Users\admin\Downloads\filebeat-8.8.0-windows-x86_64\data\registry

Run:
1. elasticsearch
2. Kibana
3. Logstash
4. filebeat

[Link]

[Link]

    input {
      beats {
        port => "5044"
      }
    }
    output {
      stdout { codec => rubydebug }

      elasticsearch {
        hosts => ["[Link]"]
        index => "logdb"
      }
    }

Run:

    logstash -f ./config/[Link] --[Link]
    filebeat -e -c [Link] -d "publish"
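
The final pipeline listens for Beats traffic on port 5044 and writes to an Elasticsearch node whose security features were switched off earlier in the demo. The script below is an added example, not part of the original slides: it audits a Logstash pipeline for missing transport encryption and credentials. The `http://localhost:9200` host, the certificate paths and `ES_API_KEY` are assumptions (the slides elide the URL); the options checked (`ssl`, `ssl_enabled`, `user`, `api_key`, `cloud_auth`) are those of the Logstash beats input and elasticsearch output plugins.

```python
import re

# Constructed sample: the demo's final pipeline. The hosts URL is an assumption
# (the slides elide it); localhost:9200 is where the demo runs Elasticsearch.
DEMO = '''
input { beats { port => "5044" } }
# filter { }
output { stdout { codec => rubydebug }
         elasticsearch { hosts => ["http://localhost:9200"] index => "logdb" } }
'''
# Constructed hardened variant; certificate paths and the env var are placeholders.
HARDENED = '''
input { beats { port => "5044" ssl_enabled => true
                ssl_certificate => "certs/logstash.crt" ssl_key => "certs/logstash.key" } }
output { elasticsearch { hosts => ["https://localhost:9200"] index => "logdb"
                         api_key => "${ES_API_KEY}" } }
'''

LEAF_BLOCK = re.compile(r'(\w+)\s*\{([^{}]*)\}')   # plugin blocks with no nested braces
SETTING = re.compile(r'(\w+)\s*=>\s*(\[[^\]]*\]|"[^"]*"|\S+)')

def plugin_settings(conf):
    """Return [(plugin_name, {option: raw_value})] for each leaf plugin block."""
    conf = re.sub(r'(?m)^\s*#.*$', '', conf)        # drop comment lines
    conf = re.sub(r'\$\{[^}]*\}', 'ENV_REF', conf)  # ${VAR} would confuse brace matching
    return [(name, dict(SETTING.findall(body))) for name, body in LEAF_BLOCK.findall(conf)]

def is_true(value):
    return value is not None and value.strip('"').lower() == 'true'

def audit(conf):
    """List transport and authentication gaps in a Logstash pipeline config."""
    findings = []
    for name, opts in plugin_settings(conf):
        if name == 'beats' and not (is_true(opts.get('ssl_enabled')) or is_true(opts.get('ssl'))):
            port = opts.get('port', '?').strip('"')
            findings.append(f'beats input on port {port}: TLS not enabled')
        if name == 'elasticsearch':
            hosts = re.findall(r'"([^"]*)"', opts.get('hosts', ''))
            if not hosts or any(not h.startswith('https://') for h in hosts):
                findings.append('elasticsearch output: host is not https://')
            if not {'user', 'api_key', 'cloud_auth'} & opts.keys():
                findings.append('elasticsearch output: no credentials configured')
    return findings

if __name__ == '__main__':
    for label, conf in (('demo', DEMO), ('hardened', HARDENED)):
        print(label, audit(conf) or 'no findings')
```

The parser only looks at leaf plugin blocks, so plugins that nest hashes in their settings are skipped rather than misread.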

[Link]

    filebeat -e -c [Link] -d "publish"
    logstash -f ./config/[Link] --[Link]

[Link]

Thanks for listening
