Centralized Logs using ELK (Elasticsearch, Logstash, Kibana) Stack using openSUSE
Manage all logs in a simple way
Estu Fardani
I am an openSUSE user from Indonesia, currently working as DevOps in an Indonesian startup. I have known openSUSE since 12.1 and started using openSUSE since the 42.2 release. For now, I use Tumbleweed for daily activity.
Managing servers means monitoring everything: disk, network, I/O, CPU, RAM, logs, etc. Monitoring all of these is easy when the number of servers is small: we just take manual action, log in to the server and watch the status. But how do we monitor when the number of servers grows to dozens or hundreds? We need tools.
The ELK Stack is especially suited to monitoring logs through centralized logging. Centralized logging can be very useful when attempting to identify problems with our servers or applications, as it allows us to search through all of our logs in a single place. It is also useful because it allows us to identify issues that span multiple servers by correlating their logs during a specific time frame.
In this workshop, we will go over the installation of ELK (Elasticsearch, Logstash, Kibana) Stack on openSUSE. We will also show how to configure it to gather and visualize the syslogs of systems in a centralized location, using Filebeat. Logstash is an open source tool for collecting, parsing, and storing logs for future use. Kibana is a web interface that can be used to search and view the logs that Logstash has indexed. Both of these tools are based on Elasticsearch, which is used for storing logs.
It is possible to use Logstash to gather logs of all types, but we will limit the scope of this tutorial to syslog gathering.
The goal of the workshop is to set up Logstash to gather syslogs of multiple servers, and set up Kibana to visualize the gathered logs.
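The cross-server correlation that centralized logging makes possible, as an added example that is not part of the original workshop material: the Python below parses syslog lines into the fields a collector would index and flags any source address with failed SSH logins on two or more servers inside a five-minute window. The hostnames, addresses, sample lines and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: syslog lines as a central collector would hold them,
# merged from three hypothetical hosts (web01, web02, db01).
SAMPLE = """\
Sep 30 15:30:01 web01 sshd[2211]: Failed password for root from 203.0.113.7 port 40122 ssh2
Sep 30 15:30:04 web02 sshd[1876]: Failed password for admin from 203.0.113.7 port 40130 ssh2
Sep 30 15:30:09 db01 sshd[911]: Failed password for root from 203.0.113.7 port 40141 ssh2
Sep 30 15:31:15 web01 sshd[2250]: Failed password for deploy from 198.51.100.23 port 51500 ssh2
Sep 30 15:40:02 web01 CRON[2301]: (root) CMD (/usr/lib/cron/run-crons)
Sep 30 16:45:00 web02 sshd[1990]: Failed password for deploy from 198.51.100.23 port 51777 ssh2
"""

# Same fields a syslog grok pattern extracts: timestamp, host, program, pid, message.
SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"(?P<program>[^\s\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<message>.*)$")
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (?P<src>\S+)")

def parse(line, year=2016):
    """Parse one RFC 3164 style line; syslog omits the year, so it is supplied."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    event = m.groupdict()
    event["time"] = datetime.strptime(f"{year} {event['ts']}", "%Y %b %d %H:%M:%S")
    return event

def sources_spanning_hosts(lines, window=timedelta(minutes=5), min_hosts=2):
    """Return {source: sorted hosts} for sources failing logins on at least
    min_hosts different servers within one time window."""
    by_src = defaultdict(list)
    for event in filter(None, map(parse, lines)):
        hit = FAILED_RE.search(event["message"])
        if event["program"] == "sshd" and hit:
            by_src[hit["src"]].append((event["time"], event["host"]))
    flagged = {}
    for src, hits in by_src.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            hosts = {h for t, h in hits[i:] if t - start <= window}
            if len(hosts) >= min_hosts:
                flagged[src] = sorted(hosts)
                break
    return flagged

if __name__ == "__main__":
    print(sources_spanning_hosts(SAMPLE.splitlines()))
```

On any single host each of these sources produces only one or two failures, which is why the pattern only becomes visible once the logs sit in one place.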
- Date: 2016 September 30 - 15:30
- Duration: 2 h
- Room: LAB Database
- Conference: openSUSE.Asia Summit 2016
- Language:
- Track: Workshop
- Difficulty: Medium