Quick Kibana Crash Course

Transcript

1. Quick Kibana Crash Course Carson Gee @carsongee 1 / 11

2. Agenda ELK Stack Introduction Logstash Basics Kibana Instruction/Demo 2 /

   11

3. ELK Stack ElasticSearch Mostly Database Like Index ↦ Database Document

   Type ↦ Table Document ↦ Row Row schema completely flexible Super scalable and highly clusterable 3 / 11

4. ELK Stack LogStash Super log parser Consume anything you can

   write a grok/filter for Input from almost anything Output to almost anything 4 / 11

5. ELK Stack Kibana Generic ElasticSearch Analytics Client Side Log analysis

   5 / 11

6. ELK Stack 6 / 11

7. LogStash Made up of inputs, filters & output i n

   p u t { t c p { t y p e = > " a p a c h e " p o r t = > 3 3 3 3 } } f i l t e r { g r o k { p a t t e r n = > " { % C O M B I N E D A P A C H E L O G } " } d a t e { t y p e = > a p a c h e t i m e s t a m p = > " d d / M M M / y y y y : H H : m m : s s Z " } o u t p u t { s t d o u t { d e b u g = > t r u e } } 7 / 11

8. Kibana Explore Your Data Searching Analysis 8 / 11

9. Kibana Demo Built-in Dashboard Logstash Basic Pieces Configuration Query Filtering

   Row Panel 9 / 11

10. Kibana Demo Finding What You Want Filter/Narrow First Query Second

    Zoom In Analyzing What You Want terms histograms trends 10 / 11

11. Kibana Demo Continued Making it better for you edX Making

    it smarter tracking logs Make for something beyond logstash 11 / 11