I'm trying to learn Elasticsearch and stuff related to it and I have a few questions. I'm trying to figure out what to use to build a logging server, and for the starting example the events that should be logged are events from a media player: a playback session starts, then there could be playback paused, resumed, seek, buffering, etc. multiple times in random order, and at the end there is a playback stopped event. These logs are coming from mobile devices over UDP, or I may log these events using HTTP (GET or POST). Basically, when playback starts the device generates some random session ID and then all following events are logged with the same session ID, so that on the server side I could see the event timeline for a particular playback session.
From my original understanding I do need Elasticsearch and Kibana (to view the logs). There is a big list of Elastic products and I have no clue which ones I'll probably need. Any suggestions on what I should be looking at?
I followed the "How To Install Elasticsearch, Logstash, and Kibana (ELK Stack) on Ubuntu 14.04" guide, which was the only one that I was able to use to get something working. In this guide it collects sshd and syslog logs using Filebeat from multiple machines and sends them to a central Elasticsearch server, where Logstash handles incoming feeds from the Filebeat loggers, then Logstash feeds the processed logs to Elasticsearch, and Kibana is used to display the logs. In my case that Filebeat part doesn't seem to be relevant as I don't have any log files (I could write my own log server and log all incoming UDP/HTTP posts to a file, but it doesn't seem like an optimal solution).
Can you please suggest what I should be looking into for my logging scenario? Thanks.
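As an added example (not part of the original post or the guide it mentions), this is what the Logstash part of such a pipeline could look like for the playback-event scenario: Logstash takes the JSON events directly on UDP and HTTP, so no Filebeat or intermediate log file is needed, and forwards them to Elasticsearch. The port numbers, the event field names `session_id` and `ts`, the credentials and the index name are assumptions.

```conf
# Hypothetical Logstash pipeline for media-player playback events.
input {
  # Devices send one JSON event per datagram, e.g.
  # {"session_id":"a1b2","event":"seek","ts":"2016-05-01T12:00:00Z"}
  # UDP has no sender authentication: anything that can reach this port
  # can inject or spoof events, so keep it on a trusted network segment.
  udp {
    port  => 5140          # assumed port
    codec => json
    type  => "playback"
  }
  # Same events over HTTP POST; this input can require basic auth.
  http {
    port     => 8080       # assumed port
    codec    => json
    type     => "playback"
    user     => "player"   # placeholder credentials
    password => "CHANGE_ME"
  }
}

filter {
  # Every event must carry the session ID that ties the timeline together;
  # anything without it cannot be correlated, so discard it.
  if ![session_id] {
    drop { }
  }
  # Use the device's own timestamp (assumed field "ts") as the event time,
  # so ordering in Kibana reflects when the player emitted the event.
  date {
    match  => ["ts", "ISO8601"]
    target => "@timestamp"
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "playback-%{+YYYY.MM.dd}"
  }
  # Handy while testing: echo each parsed event to the console.
  stdout { codec => rubydebug }
}
```

In Kibana, filtering on `session_id` and sorting by `@timestamp` then gives the per-session timeline from the session start event to the stop event.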