About me

AGENDA - ELK

La stack ELK
Les trois principaux composants de la stack
Comment peut-on tester la stack ELK rapidement?
Demo
D'autres composants de la stack

La stack ELK

Elasticsearch Logstash Kibana

Est une full stack distribuée utilisé souvent pour l'analyse des logs, mais aussi pour l'exploration des données en temps rèel
Alternative:
- Splunk :)
- Solr pour elasticsearch
- Grafana pour Kibana
- ...

ELK

End To End Stack that can deliver big data real time analysis

Utilisateur

Logstash

Mes données

Elasticsearch

Kibana

Vizualisation

Sauvegarde et recherche

Ingestion et traitements de nettoyage

json
http
kafka
salesforce
s3
file (logs,json...)
...

Temps-Reel
Distribué
Schema-less
Speaks JSON
Restful API
Basé sur Lucene

Intégration facile avec Elasticsearch
Mise en place facile
Analyse Ad-Hoc
Dashboards

Comment tester LA STACK ELK RAPIDEMENT?

1. Utiliser le "ELK as a Service"

https://www.elastic.co/fr/cloud/as-a-service

Trial de 14 jours
1 GB mémoire
24 GB disk

2. UTILISER DOCKER

https://hub.docker.com/r/sebp/elk/

https://hub.docker.com/r/sebp/elk/
1GB memory
24GB storage
High availability across two zones

DEMO

https://github.com/veve90/VideoCapgeminiELK

Les DONNES DE DEMO

{
	"venue": {"venue_name": "Lavender MRT Station","lon": 103.841484,"lat": 1.289644, "venue_id": 23389692},
	"visibility": "public",
	"response": "yes",
	"guests": 0,
	"member": {
		"member_id": 98130812,
		"photo": "https:\/\/secure.meetupstatic.com\/photos\/member\/1\/4\/f\/2\/thumb_126845362.jpeg",
		"member_name": "LOO CHOON BOON"
	},
	"rsvp_id": 1662954951,
	"mtime": 1491964070655,
	"event": {
		"event_name": "Nature cafe @Aperia mall ", "event_id": "239125933", "time": 1493116200000,
		"event_url": "https:\/\/www.meetup.com\/TRAVEL-LEISURE-CARE\/events\/239125933\/"},
	"group": {
		"group_topics": [{
			"urlkey": "hiking",
			"topic_name": "Hiking"
		},
		{
			"urlkey": "socialnetwork",
			"topic_name": "Social Networking"
		}],
		"group_city": "Singapore",
		"group_country": "sg","group_id": 14057192,
		"group_name": "TRAVEL, LEISURE & CARE  (TLC)",
		"group_lon": 103.85,"group_urlname": "TRAVEL-LEISURE-CARE","group_lat": 1.3
	}
}

LES DONNES DE DEMO

http://stream.meetup.com/2/rsvps

LA CONFIGURATION LOGSTASH

input { pipe { command => "curl -i http://stream.meetup.com/2/rsvps"} }
filter {

json { source => "message" }
}
output {
elasticsearch{
hosts=>["127.0.0.1:9200"]
index => "capgemini_meetup"
document_type => "capgemini_meetup_rsvp"
flush_size => 1000 }
stdout{ codec=>rubydebug}
}

D'autres composants de la stack

Beats
La X-PACK contient:
- Securité : l'ancien shield
- Alerting : watcher
- Monitoring: marvel
- Reporting: Kibana
- Graph: graph
...

ELK

About me

AGENDA - ELK

La stack ELK

Elasticsearch Logstash Kibana

ELK

Comment tester LA STACK ELK RAPIDEMENT?

1. Utiliser le "ELK as a Service"

2. UTILISER DOCKER

DEMO

Les DONNES DE DEMO

LES DONNES DE DEMO

http://stream.meetup.com/2/rsvps

LA CONFIGURATION LOGSTASH

D'autres composants de la stack

Merci beaucoup!

ELK #Capgemini

ELK #Capgemini

Alina GHERMAN

ELK

ELK #Capgemini

More from Alina GHERMAN