To collect, visualize, and analyze logs, we decided to use ELK. In two earlier blog series, we have already introduced some basics of Logstash and Elasticsearch:

Elasticsearch Learning (1): Introduction
Logstash Learning (1): Basic

If you are not familiar with Elasticsearch and Logstash, you may find those posts useful.

ELK Architecture

First, we would like to go through the architecture recommended in the official documentation:

Multiple nodes – for robustness and resilience against node failure;
Filebeat – which ensures at-least-once delivery and enables load balancing when sending logs across multiple Logstash nodes;
Logstash – with the persistent queue enabled, to provide protection across node failures.

Elasticsearch

Now we come to how to set up an Elasticsearch cluster. The basic configuration needed to set up a cluster is very simple in Elasticsearch.

Bind Address

We can choose an array of addresses for Elasticsearch to bind to, so Elasticsear...
Learn programming, still on the way