Best practices for on boarding ELK stack

rahul.dhammy · February 9, 2017, 6:08pm

Hi All
I am just trying to setup ELK with my windows based services. I am using log4net for my logs and want to use ELK stack for centralized log processing.
My question is what are the best practices for setting the ELK stack? To be more specific correct me for any of my understandings below

Elastic server be a central server and would not be on my application box.
Logstash would be central server and would not be on my application box.
Kibana would be a central server and would not be on my application box.
I will use filebeats on my application box to forward data to Logstash (so that logstash could massage the data)
The overall flow would be filebeats would ship my application logs -> Logstash-> elastic search -> Kibana

On same lines is it advisable to write logs directly to elastic using loig4net appender? I think there would be latency issues and other concerns here is such an approach.

warkolm · February 13, 2017, 8:46am

1-3 yes ideally.
3 yes.
5 Yes.

It can be done, but you do need to be aware of things like that. Or what happens if the agent cannot connect.

rahul.dhammy · February 13, 2017, 2:12pm

Thanks @warkolm

system · March 13, 2017, 2:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Recommended ELK architecture for production? Elasticsearch	15	12160	July 5, 2017
Need help on logging solution Logstash	7	448	October 25, 2018
Rsyslog and Logstash production setup Logstash	4	543	July 6, 2017
How to install and configure elk elastic stack 7.3 with auditbeat complete video guide Elasticsearch elastic-stack-monitoring	1	496	September 14, 2019
Where to start about managing network device logs Elasticsearch	2	1726	September 2, 2017

Best practices for on boarding ELK stack

Related Topics