Log Consolidation with ELK Stack
This document is a short tutorial on using the Elastic stack, with some tips. Everything in it is based on the author's own experience and should work on other setups as well. Because of OS differences and ELK stack version updates, however, some of the information may not apply to your setup; the underlying concepts are common to all of them.
This document is mainly for training and learning; please do not take it as a best-practice guide. The author takes no responsibility if you run into serious problems while following it.
In the meantime, for anything unclear or in need of improvement, please submit an issue or PR on GitHub.
- ELK Introduction
- ELK Installation
- Logstash Pipelines
- ELK Stack End to End Practice
- ELK Stack + Kafka End to End Practice
- Check Logs with Kibana
- Grok Debugger
- Tips
  - How to add tags based on field content with pipelines?
  - Add Tags to Different Kafka Topics
  - Rename the Host Field while Sending Filebeat Events to Logstash
  - Consolidate Unix Logs with NXLog
  - Reveal metadata of an event
  - Use syslog timestamp as @timestamp
  - Consolidate journal logs
- Alerting Management with Elastalert
- KQL