Wednesday, February 16, 2022

ELK - Introduction

ELK (Elasticsearch, Logstash, Kibana)

ELK refers to a set of open-source products developed by Elastic that help users collect data from different sources, analyze it, and present it in a simple manner.

Different Components of ELK

Elasticsearch

It is a NoSQL database that can be used to index and store different types of documents. It also provides the functionality to search real-time data.


Logstash is a collection agent used to collect both heterogeneous and non-heterogeneous data from various sources. It can screen, break down, and make string alterations to the data it collects. After collecting and filtering the data, it sends it to Elasticsearch for storage.


Kibana is a graphical user interface used to display the data that is collected and stored in Elasticsearch. It displays the data with appealing visuals so that it can be easily understood and analyzed, using multiple types of visuals such as bar charts, pie charts, world maps, heat maps, coordinate maps, etc.


Beats is similar to Logstash in that both collect data that will later be stored and analyzed, but Beats differs in the method of collection. Beats is a set of small programs installed on different servers, from where they collect the data and send it to Elasticsearch.

ELK Flow

First, Beats are attached to remote servers, where they collect information from various sources.

After collecting all the data needed, they either ship the data to Logstash for filtration or directly send it to Elasticsearch.

The data is then stored in Elasticsearch. From here, it is not sent directly to Kibana. Kibana first needs to find where Elasticsearch is and then go and get the data by itself.
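
The flow above, written as a Logstash pipeline that receives events from Beats, filters them, and stores them in Elasticsearch. This is an added example, not configuration from the original post; the port, host address, index name, and the SSH login log format it parses are assumptions.

```conf
# Added example (assumed values): Beats -> Logstash -> Elasticsearch.
# TLS and authentication are not configured here; a local lab setup is assumed.
input {
  beats {
    port => 5044                      # Beats agents on remote servers ship here
  }
}

filter {
  # Screen: discard events that are not SSH daemon lines
  if [message] !~ /sshd/ {
    drop { }
  }

  # Break down: split the raw line into named fields
  grok {
    match => {
      "message" => "Failed password for (invalid user )?%{USERNAME:user} from %{IP:src_ip} port %{INT:src_port}"
    }
    tag_on_failure => ["_not_failed_login"]   # keep the event, mark it as unparsed
  }

  # String alterations: normalise the user name, drop a field we do not need
  mutate {
    lowercase    => ["user"]
    remove_field => ["src_port"]
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]       # assumed Elasticsearch address
    index => "auth-logs-%{+YYYY.MM.dd}"      # assumed daily index name
  }
}
```

Kibana is pointed at the same Elasticsearch address through the elasticsearch.hosts setting in kibana.yml, which is how it finds the data it then queries.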

