Data Correlation in Elasticsearch

Gauti · September 16, 2020, 12:56pm

Hi All,

I just wanted to know whether i can use ELK for my use case, please suggest.

WE are using ELK for dashboarding and reporting purpose, for this we are fetching data from multiple datasources like (servicenow, solarwinds & dynatrace), now the ask is whether data correlation can be done and created visualizations out of it?

Data correlation e.g: ticket generated in servicenow for server down(captured in solarwinds) and related application is down(captured in dynatrace)........

Can we do data correlation and build executive dashboards using the ELK stack

Thanks
Gautham

Iker · September 16, 2020, 1:42pm

Yes, there are several ways to accomplish that, my suggestion is that you build your events upon the Elastic Common Schema (https://www.elastic.co/guide/en/ecs/current/ecs-field-reference.html), so you always know the name of your main fields; the pipeline could be something like this "Beats(Gathering Data)->Logstash (Enrich and field mapping to ECS)->Elastic(Search, Index and Correlation)"

system · October 14, 2020, 1:43pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.