Timofey Titovets — Elastic+Logstash+Kibana: Architecture and Usage Experience
Timofey Titovets's talk on his experience deploying the Elastic+Logstash+Kibana stack, given at the August 2015 MLUG Linux meetup.

Published in: Technology

  1. ElasticSearch Kibana Logstash
  2. What is it?
     • ElasticSearch: storage and search engine
     • Logstash: converter between text data formats
     • Kibana: web GUI for visualizing ES data
  3. ElasticSearch
     • Written in Java, running on top of Apache Lucene.
     • Apache Lucene: a high-performance, full-featured text search engine library
  4. ElasticSearch: Index (diagram: an index split into Shard 1, Shard 2, … Shard N, each shard with its own replica)
  5. ElasticSearch: Cluster (diagram: ES Node 1, ES Node 2, … ES Node N)
  6. Logstash
     • Written in Java & Ruby
     • Can filter, edit, and collect data using a cool, simple, and powerful language for writing rules.
  7. Kibana
     • NodeJS + JS client for ES
     • Can visualize data from ES
  8. Common architecture (diagram: data source → logstash → ES node → Kibana 4)
  9. Log collection
  10. Linux (diagram: rsyslog1, rsyslog2, … rsyslogN → logstash → three ES nodes → Kibana 4)
  11. Windows (diagram: Windows 1, Windows 2, … Windows n, each running NXLog → logstash → three ES nodes → Kibana 4)
  12. IDS System: Suricata
     • Open-source IDS & IPS system, like Snort
     • Can sniff, analyze, and transparently edit traffic
     • Also detects network attacks and defends the network from them, like a very powerful firewall
  13. IDS (diagram: IDS 1, IDS 2 → logstash → three ES nodes → Kibana 4)
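The Linux log-collection path from the slides (rsyslog → logstash → ES nodes), written out as a Logstash pipeline in the rules language slide 6 refers to. This is an added example, not configuration from the talk: the port, the hostnames (`logstash.example.internal`, `es-node1` to `es-node3`), the index name, and the `syslog_*`, `ssh_user`, `src_ip` field names and the `ssh_failed_login` tag are all assumptions.

```logstash
# Assumed sender side, one line in rsyslog.conf on each Linux host
# (legacy syntax, "@@" = TCP):
#   *.* @@logstash.example.internal:5514;RSYSLOG_TraditionalForwardFormat

input {
  tcp {
    port => 5514            # assumed unprivileged port for forwarded syslog
    type => "syslog"
  }
}

filter {
  if [type] == "syslog" {
    # Split the traditional "<PRI>timestamp host program[pid]: message" line
    # into named fields (field names are this example's own choice).
    grok {
      match => { "message" => "<%{POSINT:syslog_pri}>%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
    }
    # Use the time the event was logged, not the time Logstash received it.
    date {
      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
    # Pull user and source address out of failed SSH logins so they can be
    # counted and charted per source in Kibana.
    if [syslog_program] == "sshd" {
      grok {
        match => { "syslog_message" => "Failed password for (?:invalid user )?%{USERNAME:ssh_user} from %{IP:src_ip}" }
        add_tag => [ "ssh_failed_login" ]   # applied only when the pattern matches
        tag_on_failure => []                # other sshd lines stay untagged
      }
    }
  }
}

output {
  elasticsearch {
    # Assumed names for the three ES nodes shown in the diagrams.
    hosts => ["es-node1:9200", "es-node2:9200", "es-node3:9200"]
    index => "syslog-%{+YYYY.MM.dd}"        # one index per day
  }
}
```

Events whose first grok fails are tagged `_grokparsefailure` by Logstash, which makes malformed or unexpected senders easy to filter for in Kibana.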
