https://github.com/ripta/elk_stack_demo
https://github.com/ripta/elk_stack_demo
Last synced: 3 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/ripta/elk_stack_demo
- Owner: ripta
- Created: 2016-02-25T21:56:35.000Z (over 9 years ago)
- Default Branch: master
- Last Pushed: 2016-02-25T20:28:39.000Z (over 9 years ago)
- Last Synced: 2025-02-16T09:43:03.445Z (3 months ago)
- Language: Ruby
- Size: 23.4 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: readme.md
Awesome Lists containing this project
README
docker-compose build
docker-compose up
docker-compose run rails rake db:create
docker-compose run rails rake db:setup
todo:
- rails volumes not working?
---
ELK
log stash forwarder
uses different regex patterns for log parsing
no limit on indexes
limit of events that can be processed per second 60k (per node)
scaling / would we need a broker
secure (need a proxy), commercial would have a security plugin
github.com/elasticsearch/demo
logstash config is writen in ruby
what is system d
key value:
- considered best practice format for splunk
- lower memory footprint
json:
- structured so we could have more complex or nested structures (complex structures aren't recommended though)
- don't have to worry about escaping
-------
log forwarders
https://github.com/elastic/beats/tree/master/filebeat
https://www.elastic.co/guide/en/logstash/current/plugins-inputs-syslog.html
https://docs.docker.com/engine/admin/logging/overview/