Beginners ELK design doubts

arpitwanchoo · April 17, 2017, 3:58pm

Hi
I am exploring the ELK framework for creating a centralized logging system across all our application(java,ruby,php) running on ec2 ubuntu servers . After going through some readings I have few doubts :

How Is log stash indexer scalable horizontally ? Can we simply configure it behind a load balancer and simple keep adding/removing boxes in variance with load ? Is it stateless ?
How to decide whether to use kafka queue or redis queue ?

3)Will I need to correct logging formats in all my applications for it to be useful or that can be done by logstash itself ? Can single logstash server handle logs with different formats from different applications ?

How is filebeat in comparison to logstash forwarder ?

warkolm · April 18, 2017, 3:27am

Yes to those.
What's easier?
That's exactly what LS is for!
Don't use the latter, it's 100% unsupported.

arpitwanchoo · April 18, 2017, 5:08am

Thanks Mark for quick response.

Regarding Kafka vs Redis , what factors should help in deciding ?
Factors I would consider is :
a) fault tolerance
b) cost
c) ease of maintenance/setup

As per my understanding, a) and b) would be in favor of kafka while c) in favor redis

Would be good to have other opinions as well

warkolm · April 18, 2017, 8:33am

That's a fair summary of the two, based on my experience.

system · May 16, 2017, 8:45am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Architecture advice(for my needs: several applications, multiple files...) Logstash	2	594	July 6, 2017
Redis Cluster vs. Kafka Elastic Community and Ecosystem	3	6097	July 6, 2017
A ELK-Design Question Elasticsearch	2	713	July 5, 2017
Using ELK to create a unified logging system with large log input Logstash	4	737	July 6, 2017
Which architecture of logstash forwarder or redis is good in scalable perspective? Logstash	2	2832	July 6, 2017

Beginners ELK design doubts

Related topics