Elastic Stackでメトリクス＆ログ解析

by Jun Ohtani

Slide 1

Slide 1 text

‹#› 2017/05/27 Evangelist at Elastic Jun Ohtani @johtani Elastic stackͰ͸͡ΊΔ ϩάղੳೖ໳

Slide 2

Slide 2 text

‹#›

Slide 3

Slide 3 text

ΞδΣϯμ • γεςϜϝτϦΫεղੳɺϩάղੳΛࢼ͠ʹ΍ͬͯΈΑ͏ • Beats - Elasticsearch - KibanaͰղੳ • ຊ֨తʹղੳΛ΍Δʹ͸ʁ • LogstashͰϩάΛதܧɾू໿ • ͞Βʹ৭ʑࢼͯ͠ΈΔʹ͸ʁ • ঎༻ϓϥάΠϯ঺հ 3

Slide 4

Slide 4 text

about • Me, Jun Ohtani / Technical Advocate ‒ lucene-gosenίϛολʔ ‒ ElasticSearch Server೔ຊޠ൛ͷ຋༁ ‒ http://blog.johtani.info  • Elasticsearch, founded in 2012 ‒ Products: Elasticsearch, Logstash, Kibana, Beats   X-Pack, Elastic Cloud  Professional services: Support & development subscriptions ‒ Trainings, Consulting, SaaS 4

Slide 5

Slide 5 text

5 ElasticελοΫ

Slide 6

Slide 6 text

ElasticελοΫʢOpen Sourceʣ 6 Kibana Elasticsearch Logstash Beats

Slide 7

Slide 7 text

ElasticελοΫ 7 Elastic Cloud X-Pack Kibana Elasticsearch ! " Logstash Beats +

Slide 8

Slide 8 text

ϝτϦΫε/ϩάղੳΛ ࢝ΊͯΈΑ͏

Slide 9

Slide 9 text

ϝτϦΫεɾϩάͷ෼ੳʢ؆қ൛ʣ 9 σʔλ Import Parse/  Store/Search Visualize

Slide 10

Slide 10 text

ܰྔσʔλγούʔ 10 Beats

Slide 11

Slide 11 text

11 Beats 軽量データシッパーソースからデータを転送転送しElsaticsearchに集約変換とパースのため Logstashに転送 Elastic Cloudに転送 Libbeat: カスタムbeatsのためのAPIフレームワーク 30以上のコミュニティbeats

Slide 12

Slide 12 text

12 FILEBEAT ログファイル METRICBEAT メトリック情報 PACKETBEAT ネットワーク WINGLOGBEAT Windowイベントさらに30を超えるコミュニティ Beatsがあり、増加中 Apachebeat, dockbeat, httpbeat, mysqlbeat, nginxbeat, redis beats, twitterbeat, and more

Slide 13

Slide 13 text

Collect system and application metrics Metricbeat

Slide 14

Slide 14 text

lots of modules Metricbeat

Slide 15

Slide 15 text

tail log from ﬁle Filebeat

Slide 16

Slide 16 text

many modules Filebeat

Slide 17

Slide 17 text

Capture the Packet Packetbeat

Slide 18

Slide 18 text

Capture the Packet Packetbeat

Slide 19

Slide 19 text

Welcome to 1998 winlogbeat

Slide 20

Slide 20 text

Now winlogbeat

Slide 21

Slide 21 text

21 Elasticsearch

Slide 22

Slide 22 text

ݕࡧͱͯ͠ͷ  Elasticsearch

Slide 23

Slide 23 text

Elasticsearchͱ͸ʁ

Slide 24

Slide 24 text

ϑϦʔϫʔυݕࡧ 24

Slide 25

Slide 25 text

ߜΓࠐΈ 25

Slide 26

Slide 26 text

ϋΠϥΠτ 26

Slide 27

Slide 27 text

ιʔτ 27

Slide 28

Slide 28 text

ϖʔδϯά 28

Slide 29

Slide 29 text

ूܭ 29

Slide 30

Slide 30 text

αδΣετ 30

Slide 31

Slide 31 text

Elasticsearch in 10 seconds • εΩʔϚϑϦʔɺ෼ࢄυΩϡϝϯτετΞɺREST & JSON • Φʔϓϯιʔε: Apache License 2.0 • ઃఆͳ͠Ͱ؆୯ʹࢼ͢͜ͱ͕Մೳ • JavaͰ࣮૷ɻ֦ு΋༰қ 31

Slide 32

Slide 32 text

Powerful Search at Scale 32

Slide 33

Slide 33 text

؆୯ͳCRUD

Slide 34

Slide 34 text

σʔλొ࿥ 34 curl -XPUT localhost:9200/books/book/1 -d ' { "title" : "Elasticsearch - The definitive guide", "authors" : "Clinton Gormley", "started" : "2013-02-04", "pages" : 230 }'

Slide 35

Slide 35 text

σʔλߋ৽ 35 curl -XPUT localhost:9200/books/book/1 -d ' { "title" : "Elasticsearch - The definitive guide", "authors" : [ "Clinton Gormley", "Zachary Tong" ], "started" : "2013-02-04", "pages" : 230 }'

Slide 36

Slide 36 text

σʔλ࡟আ 36 curl -X DELETE localhost:9200/books/book/1 σʔλͷऔಘ curl —X GET localhost:9200/books/book/1 curl —X GET localhost:9200/books/book/1/_source

Slide 37

Slide 37 text

ݕࡧ 37 curl -XGET localhost:9200/books/_search?q=elasticsearch { "took" : 2, "timed_out" : false, "_shards" : { "total" : 5, "successful" : 5, "failed" : 0 }, "hits" : { "total" : 1, "max_score" : 0.076713204, "hits" : [ { "_index" : “books", "_type" : “book", "_id" : "1", "_score" : 0.076713204, "_source" : { "title" : "Elasticsearch - The definitive guide", "authors" : [ "Clinton Gormley", "Zachary Tong" ], "started" : “2013-02-04", "pages" : 230 } } ]

Slide 38

Slide 38 text

ݕࡧ - Query DSL 38 curl -XGET ‘localhost:9200/books/book/_search' -d '{ "query": { "filtered" : { "query" : { "match": { "text" : { "query" : “To Be Or Not To Be", "cutoff_frequency" : 0.01 } } }, "filter" : { "range": { "price": { "gte": 20.0 "lte": 50.0

Slide 39

Slide 39 text

෼ࢄߏ੒ɺ  εέʔϧ

Slide 40

Slide 40 text

Basic terms • ΠϯσοΫε ‒ σʔλͷ࿦ཧతͳू߹ɻ  RDBͷσʔλϕʔεͷΑ͏ͳ΋ͷLogical • ϨϓϦέʔγϣϯ • ಡΈࠐΈͷεέʔϥϏϦςΟ޲্ • SPOFͷղফ • γϟʔσΟϯά • ෳ਺Ϛγϯ΁σʔλΛ෼ׂ  ॻ͖ࠐΈͷεέʔϥϏϦςΟ޲্  σʔλϑϩʔ੍ޚ 40

Slide 41

Slide 41 text

γϟʔυͱϨϓϦΧ 41 node 1 orders products 1 4 1 2 2 3 curl -X PUT localhost:9200/orders -d '{ "settings.index.number_of_shards" : 4 "settings.index.number_of_replicas" : 1 }' curl -X PUT localhost:9200/products -d '{ "settings.index.number_of_shards" : 2 "settings.index.number_of_replicas" : 0 }'

Slide 42

Slide 42 text

γϟʔυͱϨϓϦΧ 42 node 1 orders products 1 4 1 node 2 orders products 2 2 3 4 1 2 3

Slide 43

Slide 43 text

ࣗಈతͳ෼ࢄ 43 node 1 orders products 2 1 4 1 node 2 orders products 2 2 node 3 orders products 3 4 1 3

Slide 44

Slide 44 text

શจݕࡧͱ͸ʁ

Slide 45

Slide 45 text

શจݕࡧͱ͸ʁ • શจݕࡧʢFull text searchʣͱ͸ɺίϯϐϡʔλʹ͓͍ͯɺෳ਺ͷจॻ ʢϑΝΠϧʣ͔ΒಛఆͷจࣈྻΛݕࡧ͢Δ͜ͱɻʮϑΝΠϧ໊ݕࡧʯ΍ ʮ୯ҰϑΝΠϧ಺ͷจࣈྻݕࡧʯͱҟͳΓɺʮෳ਺จॻʹ·͕ͨͬͯɺจ ॻʹؚ·ΕΔશจΛର৅ͱͨ͠ݕࡧʯͱ͍͏ҙຯͰ࢖༻͞ΕΔɻ  ʢWikipediaΑΓʣ 45

Slide 46

Slide 46 text

༻ޠ • ΠϯσοΫε ݕࡧΤϯδϯ͕ݕࡧʹ࢖༻͢Δσʔλͷอଘઌ • υΩϡϝϯτʢจॻʣ ‒ ݕࡧΤϯδϯʹอଘ͞Εͨσʔλ • ϑΟʔϧυ ‒ υΩϡϝϯτʹؚ·ΕΔଐੑ • ΫΤϦ ‒ ݕࡧ৚݅ɺݕࡧࣜ 46

Slide 47

Slide 47 text

༻ޠ • εΩʔϚ ‒ υΩϡϝϯτͷߏ଄Λఆٛ͢Δ΋ͷ • λʔϜʢTermʣɺτʔΫϯʢTokenʣ ‒ ΠϯσοΫεͷΩʔʹͳΔ୯ޠʢจࣈྻʣ ‒ จষΛҰఆͷ๏ଇͰ۠੾ͬͨ୯ޠ ‒ ୯ޠ͚ͩͰͳ͘ɺ୯ޠͷҐஔͳͲ΋ؚΉ 47

Slide 48

Slide 48 text

υΩϡϝϯτͷొ࿥ 48 1 2 ΧπΦ͸αβΤͷఋ αβΤ͸ϫΧϝͷ࢞ υΩϡϝϯτͷొ࿥

Slide 49

Slide 49 text

υΩϡϝϯτͷొ࿥ 49 1 2 ΧπΦ͸αβΤͷఋ αβΤ͸ϫΧϝͷ࢞ 1 2 ΧπΦ αβΤ ͸ ͸ ͷ ͷ αβΤ ϫΧϝ ఋ ࢞ υΩϡϝϯτͷొ࿥ ୯ޠʹ෼ׂ

Slide 50

Slide 50 text

υΩϡϝϯτͷొ࿥ 50 1 2 ΧπΦ͸αβΤͷఋ αβΤ͸ϫΧϝͷ࢞ 1 2 ΧπΦ αβΤ ͸ ͸ ͷ ͷ αβΤ ϫΧϝ ఋ ࢞ ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 υΩϡϝϯτͷొ࿥ ୯ޠʹ෼ׂ ୯ޠ͔Βidͷ഑ྻ͕ Ҿ͚ΔΑ͏ʹ

Slide 51

Slide 51 text

ݕࡧ 51 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ݕࡧ৚݅ೖྗ ΧπΦɹαβΤ

Slide 52

Slide 52 text

ݕࡧ 52 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 53

Slide 53 text

ݕࡧ 53 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 54

Slide 54 text

ݕࡧ 54 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 55

Slide 55 text

ݕࡧ 55 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 56

Slide 56 text

ݕࡧ 56 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 57

Slide 57 text

ݕࡧ 57 ΧπΦ αβΤ 1 1 2 ͸ ͷ ࢞ ϫΧϝ 2 1 2 1 2 1 ఋ 2 ΧπΦ αβΤ AND ݕࡧ৚݅ೖྗ ݕࡧ৚݅ͷύʔε  ݕࡧΫΤϦԽ ΧπΦɹαβΤ

Slide 58

Slide 58 text

୯ޠͷ۠੾Γํ • ӳޠͷ৔߹ I am speaking Introduction Elasticsearch.     • ೔ຊޠͷ৔߹ ࢲ͸ೖ໳Elasticsearchʹ͍ͭͯ࿩͍ͯ͠Δɻ    58

Slide 59

Slide 59 text

୯ޠͷ۠੾Γํ • ӳޠͷ৔߹ I am speaking Introduction Elasticsearch.     εϖʔε͕੾Ε໨ͱΘ͔Δ • ೔ຊޠͷ৔߹ ࢲ͸ೖ໳Elasticsearchʹ͍ͭͯ࿩͍ͯ͠Δɻ  Ͳ͜Ͱ۠੾Ε͹Α͍ʁ 59

Slide 60

Slide 60 text

N-Gramͱܗଶૉղੳ • సஔΠϯσοΫεͷΩʔͷ࡞Γํ ‒ ೔ຊޠ͸୯ޠͷ੾Ε໨͕Θ͔Βͳ͍ͷͰɺసஔΠϯσοΫεͷΩʔ͸ ओʹ࣍ͷ̎ͭͷख๏Ͱ࡞੒ • N-Gram ‒ NจࣈͣͭจষΛ۠੾Δ • ܗଶૉղੳ ‒ ࣙॻͳͲΛ༻͍ͯҙຯͷ͋Δ୯ޠͰ۠੾Δ 60

Slide 61

Slide 61 text

ܗଶૉղੳ • ϝϦοτɿ ‒ ҙຯͷ͋Δ୯ޠͷ੾Ε໨  ඼ࢺ৘ใΛݩʹ௥Ճॲཧ͕Մೳʢޠװม׵ͳͲʣ • σϝϦοτɿ ‒ ৽ޠʢະ஌ޠʣʹऑ͍→ࣙॻϕʔεͷ৔߹ɺࣙॻʹͳ͍୯ޠ͸ݕग़ෆ ೳɻ 61 ΧπΦ͸αβΤͷఋ ΧπΦ ͸ ͷ αβΤ ఋ

Slide 62

Slide 62 text

N-Gram • ϝϦοτɿ ‒ ະ஌ޠʹରԠՄೳ • σϝϦοτɿ ‒ ΠϯσοΫεංେԽ ‒ ඼ࢺ৘ใʹجͮ͘ॲཧ͕ෆՄೳ 62 ΧπΦ͸αβΤͷఋ Χπ πΦ Φ͸ ͸α αβ βΤ Τͷ ͷఋ

Slide 63

Slide 63 text

ͦͷଞͷػೳ

Slide 64

Slide 64 text

elasticsearch ͞·͟·ͳܗࣜͷσʔλͰ GeoݕࡧՄೳ    Ң౓ܦ౓ɺGeoHashɺ GeoShape… GEO

Slide 65

Slide 65 text

Ecosystem • Plugins ‒ ϓϥάΠϯʹΑΔػೳͷ௥Ճ • ΫϥΠΞϯτϥΠϒϥϦ • Java, Ruby, python, php, perl, javascript, .NET • Scala, clojure, go 65

Slide 66

Slide 66 text

Elasticsearch - The Definitive guide    http://www.elastic.co/guide/en/ elasticsearch/guide/current/index.html 66 ৄ͘͠஌Γ͍ͨํ͸

Slide 67

Slide 67 text

ղੳͱͯ͠ͷElasticsearch

Slide 68

Slide 68 text

aggregation

Slide 69

Slide 69 text

Aggregationͱ͸ • 1.0͔Βಋೖ • FacetΑΓ΋ڧྗͳूܭͳͲ͕Մೳ • ֊૚తͳूܭɺάϧʔϓԽ  ಈతͳूܭɺάϧʔϓԽ • େ͖͘2छྨ • BucketɹυΩϡϝϯτΛ஋͝ͱʹ݁ՌΛάϧʔϐϯά • Metricɹ υΩϡϝϯτͷ࣋ͭ஋Λूܭ 69

Slide 70

Slide 70 text

ྫɿݴޠ͓Αͼ஍Ҭͷूܭ 70 curl -XGET twitter-2014.08.22/_search -d ' { "aggs": { "lang": { "terms": {"field": "lang" }, "aggs": { "place": { "terms": { "field": “place.full_name", "size": 10 } } } } } }

Slide 71

Slide 71 text

ྫɿݴޠ͓Αͼ஍Ҭͷूܭ 71 "aggregations": { "lang": { "buckets": [{…}, { "key": "ja", "doc_count": 980145, "place": { "buckets": [ { "key": "ژ౎ࢢ෬ݟ۠, ژ౎", "doc_count":252 }, { "key": "ઍ୅ా۠, ౦ژ", "doc_count": 39 },…

Slide 72

Slide 72 text

72 KibanaͰՄࢹԽ

Slide 73

Slide 73 text

Kibana 5 • ElasticsearchͷσʔλΛՄࢹԽ • Node.js server & JavaScript • Apache License 2.0 • Elastic Stackͷ૭ͷ໾ׂ • ༷ʑͳGUIΛPluginͱ͍ͯެ։ • MarvelɺSenseɺTimelionͳͲ 73

Slide 74

Slide 74 text

Kibana 5 74

Slide 75

Slide 75 text

Combining Search and Analytics 75

Slide 76

Slide 76 text

σϞ for Kibana5 Access Log 76

Slide 77

Slide 77 text

ຊ֨తʹղੳΛߦ͏ʹ͸ʁ

Slide 78

Slide 78 text

ϝτϦΫεɾϩάͷ෼ੳʢେن໛ɺଟ༷ੑʣ 78 σʔλ Import Parse/  Store/Search Visualize

Slide 79

Slide 79 text

No content

Slide 80

Slide 80 text

80 Logstash

Slide 81

Slide 81 text

Logstash in 10 seconds • ϩάɾσʔλͷऩूɾ؅ཧ • ऩूɺύʔεɾՃ޻ɺૹग़ • ΦʔϓϯιʔεɿApache License 2.0 • Ruby app (JRuby) 81

Slide 82

Slide 82 text

Logstash architecture 82 Input Output Filter ? ? collect and split alter and enrich store and visualize

Slide 83

Slide 83 text

ઃఆ 83 input { … } filter { … } output { … }

Slide 84

Slide 84 text

ઃఆɿinput 84 input { file { path => “/Users/johtani/sample/*_log" start_position => "beginning" } }

Slide 85

Slide 85 text

1ߦ1σʔλ 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" 85

Slide 86

Slide 86 text

ઃఆɿfilter 86 filter { grok { match => { "message" => "%{COMBINEDAPACHELOG}" } break_on_match => false } date { match => ["timestamp", "dd/MMM/YYYY:HH:mm:ss Z"] locale => en } geoip { source => ["clientip"] } useragent { source => "agent" target => "useragent" } }

Slide 87

Slide 87 text

ύʔε 87 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" {… "@timestamp": "2015-04-10T09:07:49.325Z", "clientip": "189.120.xx.xx", "ident": "-", "auth": "-", "timestamp": "02/Dec/2014:12:18:29 +0900", "verb": "GET", "request": "/manager/html", … "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/

Slide 88

Slide 88 text

ઃఆɿfilter 88 filter { grok { match => { "message" => "%{COMBINEDAPACHELOG}" } break_on_match => false } date { match => ["timestamp", "dd/MMM/YYYY:HH:mm:ss Z"] locale => en } geoip { source => ["clientip"] } useragent { source => "agent" target => "useragent" } }

Slide 89

Slide 89 text

೔෇ͷύʔε 89 {… "@timestamp": "2015-04-10T09:07:49.325Z", … "timestamp": "02/Dec/2014:12:18:29 +0900", … } {… "@timestamp": "2014-12-02T03:18:29.000Z", … "timestamp": "02/Dec/2014:12:18:29 +0900", … }

Slide 90

Slide 90 text

ઃఆɿfilter 90 filter { grok { match => { "message" => "%{COMBINEDAPACHELOG}" } break_on_match => false } date { match => ["timestamp", "dd/MMM/YYYY:HH:mm:ss Z"] locale => en } geoip { source => ["clientip"] } useragent { source => "agent" target => "useragent" } }

Slide 91

Slide 91 text

IP͔ΒҢ౓ܦ౓ͳͲ෇༩ 91 "clientip": "189.120.xx.xx", "clientip": "189.120.xx.xx", "geoip": { "ip": “189.120.xxx.xxx”, … "country_name": "Brazil", "continent_code": "SA", "region_name": "27", "city_name": "São Paulo", "latitude":

Slide 92

Slide 92 text

ઃఆɿfilter 92 filter { grok { match => { "message" => "%{COMBINEDAPACHELOG}" } break_on_match => false } date { match => ["timestamp", "dd/MMM/YYYY:HH:mm:ss Z"] locale => en } geoip { source => ["clientip"] } useragent { source => "agent" target => "useragent" } }

Slide 93

Slide 93 text

ϢʔβΤʔδΣϯτͷύʔε 93 "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv: 5.0) Gecko/20100101 Firefox/5.0\"" "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv: 5.0) Gecko/20100101 Firefox/5.0\"" "useragent": { "name": "Firefox", "os": "Windows XP", "os_name": "Windows XP", "device": "Other", "major": "5", "minor": "0"

Slide 94

Slide 94 text

ઃఆɿoutput 94 output { elasticsearch { hosts => ["localhost"] index => “demo_access_log-%{+YYYY.MM.dd}” } }

Slide 95

Slide 95 text

͞Βʹ׆༻͢Δʹ͸ʁ

Slide 96

Slide 96 text

elasticsearch-hadoop 96 - •  D E H •  PD ecd ER •  g D •  CH •  Ca M DMS D FERC

Slide 97

Slide 97 text

97 X-Pack ؆୯ʹΠϯετʔϧ Elastic StackΛ֦ு αϒεΫϦϓγϣϯʹؚ·ΕΔ Security Alerting Monitoring Reporting Graph Machine Learning

Slide 98

Slide 98 text

Security

Slide 99

Slide 99 text

X-Pack : Securityͷಛ௃ • User Authentication ‒ LDAP/Active Directory/ϑΝΠϧϕʔε • Authorization ‒ ϩʔϧϕʔεͷΞΫηείϯτϩʔϧ ‒ ΠϯσοΫε͝ͱɺΞΫγϣϯ͝ͱͷઃఆ͕Մೳ ‒ υΩϡϝϯτɾϑΟʔϧυ͝ͱͷઃఆ΋Մೳʹ • ηΩϡΞͳ௨৴ ‒ ElasticsearchϊʔυؒͷSSL/TLSɺIPϑΟϧλϦϯά • ؂ࠪϩά 99

Slide 100

Slide 100 text

ΨΠυͳͲ • ϓϩμΫτϖʔδ ‒ https://www.elastic.co/jp/products/x-pack/security • ΨΠυ ‒ https://www.elastic.co/guide/en/x-pack/current/xpack-security.html 100

Slide 101

Slide 101 text

Alerting

Slide 102

Slide 102 text

X-Pack : Alertingͷಛ௃ • ΫΤϦʹΑΔWatch ‒ ElasticsearchͷΫΤϦΛར༻ͯ͠σʔλͷ؂ࢹ • ৚݅ͷઃఆ ‒ ΞΫγϣϯΛ࣮ߦ͢Δ͔Ͳ͏͔ͷઃఆ • εέδϡʔϧ ‒ ΫΤϦΛ࣮ߦ͠ɺ৚݅ΛνΣοΫ͢Δස౓ͷࢦఆ • ΞΫγϣϯͷఆٛ ‒ ϝʔϧͷૹ৴ɺଞγεςϜ΁ͷσʔλૹ৴ͳͲͷಈ࡞Λઃఆ • ཤྺͷอଘ 102

Slide 103

Slide 103 text

ΨΠυͳͲ • ϓϩμΫτϖʔδ ‒ https://www.elastic.co/jp/products/x-pack/alerting    • ΨΠυ ‒ https://www.elastic.co/guide/en/x-pack/current/xpack-alerting.html 103

Slide 104

Slide 104 text

Graph

Slide 105

Slide 105 text

Graphͷಛ௃ • σʔλؒͷͭͳ͕ΓΛ୳ࡧ͢ΔϓϥάΠϯ • KibanaϓϥάΠϯʹΑΓGUIΛར༻ͯ͠୳ࡧՄೳ 105

Slide 106

Slide 106 text

ΨΠυͳͲ • ϓϩμΫτϖʔδ ‒ https://www.elastic.co/jp/products/x-pack/graph    • ΨΠυ ‒ https://www.elastic.co/guide/en/x-pack/current/xpack-graph.html 106

Slide 107

Slide 107 text

107 Elastic Cloud Elasticsearch, Kibanaͷ ϚωʔδυαʔϏε X-Packͷػೳ΋ར༻Մೳ Available in AWS today

Slide 108

Slide 108 text

108

Slide 109

Slide 109 text

109 Elastic Cloud Enterprise ෳ਺ͷElastic Stack؀ڥΛࣗࡏʹ࡞੒ Logging as a serviceΛࣗ૊৫ʹల։ Public beta; Expected GA Q1 2017

Slide 110

Slide 110 text

ࢀߟจݙ • Elasticsearch - The Definitive guide ‒ http://www.elastic.co/guide/en/elasticsearch/guide/current/index.html • ॻ੶ʢ೔ຊޠʣ ‒ ElasticSearchServer೔ຊޠ൛  αʔό/ΠϯϑϥΤϯδχΞ  ɹཆ੒ಡຊɹϩάऩू 110

Slide 111

Slide 111 text

ࢀߟαΠτ • Ϣʔεέʔε • https://www.elastic.co/use-cases • DiscussʢWebϑΥʔϥϜʣ • https://discuss.elastic.co • Elastic{ON}ͷϏσΦͱࢿྉ • https://www.elastic.co/elasticon/videos • αϙʔτϝχϡʔ • https://www.elastic.co/subscriptions 111

Slide 112

Slide 112 text

Thanks for listening! Q & A We’re hiring! https://www.elastic.co/about/careers/ We’re helping! https://www.elastic.co/subscriptions http://training.elastic.co