From where to start reading about ELK stack? - elasticsearch

I am new to ELK and use mac as my personal machine but a PC in office.
Please help me in finding a right track to go ahead with ELK stack.

First of all, use the official docs; they're very good:
Tutorials for users
Info for administration

I'm currently at my work trying to setup the ELK stack as well, there are tons of guides, and honestly, all of them still require the user to tinker.
I have found the official stack guide to be the most helpful with my endeavours so far.
Though I have one recommendation: do not install from the apt-get repos; I've found those just... don't work for me. I've had the best luck just downloading their packages directly from them.

Take a look at the following courses on Udemy:
Linux Academy's Elastic Certification Preparation Course
Elasticsearch 6 and Elastic Stack - In Depth and Hands On!
Complete Guide to Elasticsearch
Complete Elasticsearch Masterclass with Logstash and Kibana

Related

How to setup 2 nodes on elasticsearch?

Hello enthusiastic people.
I am a student trying to learn Elastic stack.
I have 1 node installed on my local machine. I have also successfully installed beats on my other local machine to get data and deliver it to my logstash.
My question is, what if I add another node, do I still need to install kibana and elasticsearch? Then connect it from my first node?
I just read a lot that a single node is prone to data loss.
Sorry for my noob question.
Your answer is very appreciated.
Thanks in advance.
Having a cluster with at least 3 nodes would be good to ensure data security and integrity.
A cluster can have one or more nodes.
An example scenario:
It will be easier for you to install with docker during the learning and development process. I recommend you follow the link below. This link explains how to set up an elasticsearch cluster with 3 nodes on docker.
Start a multi-node cluster with Docker Compose
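As an added example (not from the original post and not Elastic's own compose file), here is what a three-node Docker Compose setup of the kind the answer links to looks like. It also answers the "do I need Kibana on every node?" part of the question: one Kibana instance is pointed at the whole cluster. The service names, the 7.17.0 image tag, the cluster name and the port mappings are assumptions.

```yaml
# Added example (not from the original post or Elastic's docs): three Elasticsearch
# 7.x nodes plus one Kibana, for a laptop. Names, tag and ports are assumptions.
version: "3.7"
services:
  es01:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
    environment:
      node.name: es01
      cluster.name: learning-cluster
      discovery.seed_hosts: es02,es03                 # peers this node contacts
      cluster.initial_master_nodes: es01,es02,es03    # first-boot master election
      bootstrap.memory_lock: "true"
      ES_JAVA_OPTS: "-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - data01:/usr/share/elasticsearch/data
    ports:
      # 7.x ships with authentication and TLS off; publishing on loopback only keeps
      # the unauthenticated API off the LAN. Anything shared needs
      # xpack.security.enabled=true and TLS configured first.
      - "127.0.0.1:9200:9200"
  es02:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
    environment:
      node.name: es02
      cluster.name: learning-cluster
      discovery.seed_hosts: es01,es03
      cluster.initial_master_nodes: es01,es02,es03
      bootstrap.memory_lock: "true"
      ES_JAVA_OPTS: "-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - data02:/usr/share/elasticsearch/data
  es03:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.0
    environment:
      node.name: es03
      cluster.name: learning-cluster
      discovery.seed_hosts: es01,es02
      cluster.initial_master_nodes: es01,es02,es03
      bootstrap.memory_lock: "true"
      ES_JAVA_OPTS: "-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
    volumes:
      - data03:/usr/share/elasticsearch/data
  kibana:
    # One Kibana for the whole cluster; it is not installed per node.
    image: docker.elastic.co/kibana/kibana:7.17.0
    environment:
      ELASTICSEARCH_HOSTS: '["http://es01:9200","http://es02:9200","http://es03:9200"]'
    ports:
      - "127.0.0.1:5601:5601"
    depends_on:
      - es01
      - es02
      - es03
volumes:
  data01: {}
  data02: {}
  data03: {}
```

Bring it up with `docker-compose up` and check `curl http://127.0.0.1:9200/_cat/nodes` from the host; all three node names should be listed. Beats and Logstash on the other machine then ship to any of the nodes, not to Kibana. With three master-eligible nodes the cluster keeps a quorum of two if one node dies, which is the data-loss protection the question is asking about; a two-node cluster cannot form a quorum once either node goes away.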

Kubernetes event logs to elasticsearch

I'm trying to forward kubernetes-event logs to elasticsearch using fluentd. I currently use fluent/fluentd-kubernetes-daemonset:v1.10.1-debian-elasticsearch7-1.0 as container image to forward my application logs to elasticsearch cluster. I've searched enough & my problem is that this image doesn't have enough documentation as to accomplishing this task (i.e. forward kubernetes event related logs).
I've found this plugin from splunk which has desired output but this has overhead like:
add above plugin's gem to bundler.
install essential tools like make etc.
install the plugin.
Sure I can do above steps using init-container, but above operations are adding ~200MB to disk space. I'd like to know if it can be accomplished with smaller footprint or other way.
Any help is appreciated.
Thanks.
You can try this: https://github.com/opsgenie/kubernetes-event-exporter
It is able to export Kube events to Elasticsearch.

Is it possible to change the database in Bitnami MEAN stack in Google Cloud Platform?

I want to use ElasticSearch instead of MongoDB. How can I achieve this?
Is there a way to install everything from scratch and configure it? Configuration is the challenging part. I'm looking for tutorials explaining how to replace MongoDB with Elasticsearch.
There's not an easy way to substitute MongoDB with Elasticsearch on the stack.
However, you can easily install a Bitnami Elasticsearch stack (https://bitnami.com/stack/elasticsearch) on a different directory. For instance, if you have your MEAN stack on the default directory (/opt/bitnami/), you can install the Elasticsearch stack at /opt/elasticsearch/ and then edit the environment/control scripts of the original stack so you disable MongoDB and add the ability to control Elasticsearch.
If you want to have everything in the same VM, then I advise you to use our Elasticsearch installer: https://bitnami.com/stack/elasticsearch/installer
This way you would have your MEAN stack and, in addition, an Elasticsearch stack. Then you can disable MongoDB if you don't plan to use it at all.
sudo /opt/bitnami/ctlscript.sh stop mongodb
sudo mv /opt/bitnami/mongodb/scripts/ctl.sh /opt/bitnami/mongodb/scripts/ctl.sh.disabled
Credits -
jsalmeron - bitnami

Elasticsearch multinode setup

I want to set up a 3 node cluster in elasticsearch, but I am unable to set it up; I'm getting errors like connection refused on the data machine. The master machine starts fine, but it shows 0 nodes added.
I would recommend reading a tutorial first, like
https://www.digitalocean.com/community/tutorials/how-to-set-up-a-production-elasticsearch-cluster-on-ubuntu-14-04
https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-discovery-zen.html
then ask precise question here about a specific issue.
About your question, I think you didn't configure discovery.zen.ping.unicast.hosts fine, so nodes don't know each other.
Also, when you post a question, please post:
elasticsearch version
environment (AWS, VM ...)
configuration sample
Welcome to SO!
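Since the answer names discovery.zen.ping.unicast.hosts but does not show it in context, here is an added example (not from the original post or the Elasticsearch docs) of the elasticsearch.yml for one node of a three-node, pre-7.x cluster using zen discovery. The cluster name, node names and the 10.0.0.x addresses are constructed; nodes 2 and 3 differ only in node.name and network.host.

```yaml
# Added example (not from the original post or the Elasticsearch docs):
# elasticsearch.yml for node 1 of a three-node cluster on 2.x-6.x zen discovery.
# Cluster name, node names and addresses are constructed.
cluster.name: prod-logs      # identical on all three; a node with another name never joins
node.name: es-node-1         # unique per node
node.master: true            # all three are master-eligible ...
node.data: true              # ... and all three hold data

# Bind to the machine's LAN address. The default (localhost) is the usual cause of
# "connection refused" from other machines: port 9300 is then reachable only
# from the node itself, and the master keeps reporting 0 nodes joined.
network.host: 10.0.0.11

# Node-to-node transport port. Between the three hosts the firewall needs only
# this port, plus 9200 for clients.
transport.tcp.port: 9300

# Every node lists all members (itself included), so any node can seed discovery.
discovery.zen.ping.unicast.hosts: ["10.0.0.11:9300", "10.0.0.12:9300", "10.0.0.13:9300"]

# Quorum = (master-eligible nodes / 2) + 1 = 2. Without it a network split lets
# each side elect its own master, and the two halves diverge (split brain).
discovery.zen.minimum_master_nodes: 2
```

After restarting each node, `curl http://10.0.0.11:9200/_cat/nodes` should list all three; if a node is missing, its log at startup normally shows either a bind to 127.0.0.1 (network.host not set) or a cluster.name mismatch.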

ElasticSearch Couchbase integration

Basically I have followed the instructions here
But when I go to couchbase to set up the replication I get:
but I know it is there because
The machines can ping each other and no firewalls etc.....
I have found the following error in the log for elasticsearch every time I hit replicate in couchbase.
I am not sure what this means but....
Any pointers would be appreciated
Kindest Regards
Robin
Edit
PS: latest version of both couchbase and elasticsearch from today and running Ubuntu Server 12.04 LTS
I think that the CouchBase plugin has not been released yet for Elasticsearch 0.20.x but only for 0.19.x.
I think this is your issue here.
So try switching to a 0.19.9 ES version or wait for the next release of the CouchBase plugin.