Best practices for on boarding ELK stack

rahul.dhammy · February 9, 2017, 6:08pm

Hi All
I am just trying to setup ELK with my windows based services. I am using log4net for my logs and want to use ELK stack for centralized log processing.
My question is what are the best practices for setting the ELK stack? To be more specific correct me for any of my understandings below

Elastic server be a central server and would not be on my application box.
Logstash would be central server and would not be on my application box.
Kibana would be a central server and would not be on my application box.
I will use filebeats on my application box to forward data to Logstash (so that logstash could massage the data)
The overall flow would be filebeats would ship my application logs -> Logstash-> elastic search -> Kibana

On same lines is it advisable to write logs directly to elastic using loig4net appender? I think there would be latency issues and other concerns here is such an approach.

warkolm · February 13, 2017, 8:46am

1-3 yes ideally.
3 yes.
5 Yes.

It can be done, but you do need to be aware of things like that. Or what happens if the agent cannot connect.

rahul.dhammy · February 13, 2017, 2:12pm

Thanks @warkolm

system · March 13, 2017, 2:12pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Configuring a new environment with Logstash Logstash	5	394	June 10, 2018
Is it good to implement ELK Stack without Elastic Search? Elastic Community and Ecosystem	3	4480	March 23, 2018
Quick query about accepting data logstash or filebeat? Elasticsearch	6	557	October 9, 2017
Sending logfiles with Filebeats: Do I need to Install the entire ELK Stack on My Client Server? Elasticsearch	3	702	August 14, 2018
Log4j w/ Filebeats + Logstash - best practice(s)? Beats filebeat	2	8188	December 8, 2017

Best practices for on boarding ELK stack

Related topics