April 12 - Log Aggregation and Infrastructure Metrics with the Elastic Stack

Jeff Spahr, Bandwidth, Inc.
Thursday, 12 April 2018 - 6:45pm to 9:00pm
NCSU College of Textiles, 1020 Main Campus Dr., Room 2207
Underground parking deck immediately adjacent to the building (see map).

The Elastic Stack is the rebranded ELK stack. At its core is Elasticsearch, which serves as the data store and search engine. Beats are the data shippers, which include Filebeat, Metricbeat, Packetbeat, and others. Logstash can be used at the edge for things like listening to syslog and for manipulating data prior to ingesting it into Elasticsearch. Kibana is the visualization layer, which includes the ability to view logs and create time series graphs, heatmaps, geolocation maps, and many more visualization types. X-Pack includes some free and some commercial add-ons for RBAC, alerting, machine learning, cluster monitoring, and more. Together these pieces provide a powerful ecosystem for monitoring a production environment, quickly finding the root cause of performance issues, and searching logs across your infrastructure.

Jeff Spahr is the Systems Infrastructure Architect at Bandwidth. He's been using the Elastic Stack for about a year for centralized logging, DNS metrics, and system metrics for Linux servers and Kubernetes clusters.