we are thinking of deploying ELK stack for our cloud only based company (azure). We are in several Azure regions and would like to have a look at all logs from all these regions. Because in Azure there is no peering between regions I wonder what is your approach to get all the logs into ELK (we don't have on-premise servers):
- install ELK in every region ?
- install one ELK in one region + create VPN between Azure regions ?
- anything else ?
FYI we’ve renamed ELK to the Elastic Stack, otherwise Beats feels left out
The options you have described are all valid. You can use things like cross cluster search to federate views across multiple clusters, or ship everything to one.
it really depends on your ultimate requirements.
thanks for your feedback.
What are pros and cons of each solution ?
Which solution from the above options do you recommend to:
- be the most friendly from management point of view
- be cost friendly
What do you usually choose when dealing with logs generated in multiple regions ?
What is a management point of view?
How do you define cost friendly? I don't know your infrastructure, those costs or your budget so I can't comment there.
By management point of view I mean to not spend too much time maintaining it. We are small team and we cannot dedicate anyone just to maintain ELK. So ideally we should have one ELK stack for everything. But it may generate additional cost because when you ship logs across cloud regions you pay for it. So I am looking for some balance between maintenance and cost.
Ok. Then that really feeds back into the same points.
Don't mean to ignore them, but you are best placed to test and make that decision. You can always use Elastic Cloud to host Elasticsearch and Kibana, reducing your operational overheads
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.