Ingesting Elasticsearch logs with Filebeat

May 25, 2020


Requirements

Many of us use Elasticsearch to store logging and monitoring data. But who keeps an eye on the platform itself? Out of the box, Elasticsearch can monitor itself. It cannot, however, ingest its own logs. Luckily, this is a very easy fix, and one you should get out of the way immediately.

While Elastic Cloud is quite practical, and Elasticsearch Service is picking up steam, many of us, for one reason or another, need to run Elasticsearch ourselves. This means a bit more work, but Elastic's team has made it simple enough to get a production-grade platform running very quickly. And this includes monitoring and logging Elasticsearch itself.

Option A: You are running Elasticsearch on Kubernetes

Chances are you're also using Filebeat to collect the logs from your applications.

Logstash snippet

You can relax, sit back and enjoy... while you can, some would say.

Option B: Elasticsearch running on VMs

This is also quite simple.