What is the ELK Stack?
Up until a year or two ago, the ELK Stack was a collection of three open-source products. “ELK” is the acronym for: Elasticsearch, Logstash, and Kibana.
Elasticsearch is a search and analytics engine. Logstash is a server‑side data processing pipeline that ingests data from multiple sources simultaneously, transforms it, and then sends it to a “stash” like Elasticsearch. Kibana lets users visualize data with charts and graphs in Elasticsearch. The Elastic Stack is the next evolution of the ELK Stack.
What’s in it for me?
Monitoring modern applications and the IT infrastructure they are deployed on requires a log management and analytics solution that lets engineers overcome the challenge of monitoring highly distributed, dynamic, and noisy environments. If you were tasked with understanding what’s going on with each application, you were likely patching together a couple of open source tools to get the data that you need.
ELK Stack Capabilities
ELK log management and analysis includes the following key capabilities:
- Aggregation – the ability to collect and ship logs from multiple data sources.
- Processing – the ability to transform log messages into meaningful data for easier analysis.
- Storage – the ability to store data for extended time periods to allow for monitoring, trend analysis, and security use cases.
- Analysis – the ability to dissect the data by querying it and creating visualizations and dashboards on top of it.
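To make the four capabilities concrete, here is a Logstash pipeline for one security use case, failed SSH logins. It is an added example, not a configuration from this post: the log path, the sshd message layout, the index name, the Elasticsearch address, and the ES_USER/ES_PASSWORD environment variables are all assumptions to adapt to your environment.

```logstash
# Constructed sample of the kind of line this pipeline expects:
#   Mar  3 10:15:02 web01 sshd[2211]: Failed password for invalid user admin from 203.0.113.7 port 51234 ssh2

# Aggregation: collect raw log lines from a source.
input {
  file {
    path => "/var/log/auth.log"      # assumed location of the sshd log
    start_position => "beginning"
  }
}

# Processing: turn the free-text message into named fields.
filter {
  grok {
    match => {
      "message" => "%{SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:host_name} sshd\[%{POSINT:pid}\]: Failed password for (invalid user )?%{USERNAME:user} from %{IP:src_ip} port %{INT:src_port}"
    }
    # add_tag is applied only when the pattern matches
    add_tag => ["ssh_failed_login"]
  }

  # Use the time the event happened, not the time Logstash read the line.
  # Syslog pads single-digit days with a space, hence the two formats.
  date {
    match => ["timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss"]
  }
}

# Storage: ship the structured events to Elasticsearch, one index per day,
# so old data can be retained or dropped by index.
output {
  if "ssh_failed_login" in [tags] {
    elasticsearch {
      hosts    => ["https://localhost:9200"]   # assumed address
      index    => "auth-%{+YYYY.MM.dd}"        # hypothetical index name
      user     => "${ES_USER}"                 # read from the environment,
      password => "${ES_PASSWORD}"             # not hard-coded in the file
    }
  }
}
```

Analysis then happens in Kibana: with `src_ip` and `user` stored as separate fields, a visualization of failed logins per source address is a simple aggregation over the `auth-*` indices rather than a text search.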
Do I have to pay anything for it?
Of course not, the ELK Stack is open source. With IT organizations favoring open source products, this alone could explain the popularity of the stack. Using open source means organizations can avoid vendor lock-in and onboard new talent much more easily. Everyone knows how to use Kibana, right? Open source also means a vibrant community constantly driving new features and innovation and helping out in case of need.
How can I build/implement it without breaking everything?
The ELK Stack can be installed using a variety of methods and on a wide array of different operating systems and environments. ELK can be installed locally, on the cloud, using Docker and configuration management systems like Ansible, Puppet, and Chef. The stack can be installed using a tarball or .zip packages or from repositories.
In our next blog post, we’ll walk you through the steps that it takes to stand up a basic ELK Stack configuration. As always, if you have any specific questions on getting started with DevSecOps or CI/CD, contact us directly at [email protected] or via our website, AlphaBravo.