Azure Event Hub Explanation

gabrieligbastos · January 31, 2023, 11:51pm

Hello,

Im new to ELK Stack, and Im trying to increase observability with it. Im here have some doubts that I could not find a answer in other topics, probably because my problem is just too newbie!

I deployed the ELK Stack through elastic.co, and I have all my services hosted at Azure. I got my services embeded with Elastic-Agent reporting metrics and being managed by my deployed Fleet Server. Also, got two services up and running reporting traces to APM.

Now, i was trying to accomplish to also observe my Azure's hosted Postgres Server. Reading I imageine the best flow is

Azure Postgresql > Azure Event Hub > Logstash > Elasticsearch

Is that right, in this flow, I would also be possible to monitor other services hosted there (Azure App Gateway, and others, right?)

But than, the problem is, how do i accomplish this link of Event Hub so it appears the logs/metrics/traces in my Kibana/APM as part of the transactions?

I findout this: GitHub - logstash-plugins/logstash-input-azure_event_hubs: Logstash input for consuming events from Azure Event Hubs
But I dont understand the concept of plugin, should I host a container that will be responsible up and running fetching from Azure Event Hub and sending to Logstash, is that it? And then it might solve my problem?

Can someone give me a tip of the best way to accomplish this? Tried to findout some examples to better understand the concepts but could not.

Thanks in regards,

gabrieligbastos · February 1, 2023, 12:04am

Or can I just run a elastic agent from docker original hub
Enroll it with Fleet token

Add a specific privacy that will have only this azure event hub integration setup with Azure Hub connection string / name

Will that be enough to accomplish what I just asked for?

stephenb · February 1, 2023, 2:37am

Hi @gabrieligbastos Welcome to the comunity and thanks for using Elastic Cloud.

For PostgreSQL Observability... that is probably not the best flow...

For the Metrics I would use :
I would use the Elastic Agent you will need to install somewhere on a VM or Docker etc and then use the PostgreSQL Integration.

PostgreSQL -> Elastic Agent PostgreSQL Integration Metrics -> Elastic Cloud

That would be my initial thought

For the Logs... Perhaps shipping through the event hub makes sense
But then I would probably use elastic agent for that there is an Azure Event Hub Input

Azure Postgresql > Azure Event Hub > (Elastic Agent) Azure Event Hub Input > Elastic Cloud

system · March 1, 2023, 2:37am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Azure App Services to ELK Logstash	16	4757	June 17, 2021
Azure Cloud Monitoring with the Elastic Stack Elasticsearch	1	341	April 22, 2020
How to use logstash to get the data from Azure storage or Event Hub Logstash	1	266	June 30, 2020
Combining ELK with Azure Elasticsearch	2	714	February 14, 2018
Sending azure_event_hub messages to elasticsearch Logstash	7	4452	March 18, 2019

Azure Event Hub Explanation

Related topics