Help to setup Metricbeat to push system/application metrics to ES cluster

Arunlal_A · April 17, 2019, 6:17am

Hey guys,

Need some help on implementing Metricbeat on Production environment. I have tested the working locally (ELK stack on Laptop) and it good for collecting System level and Application level metrics. Now we're planning to implement this setup on our Production infra (~200 heavy servers) for collecting system metrics and application (includes PostgreSQL, Cassandra, HAproxt, Tomcat etc).

We have 5 node ES cluster in our RELK stack. Now we sending system logs to Logstash, then Redis as buffering platform. The ES cluster is in different network, so we are not planning to send Metricbeat output to ES cluster directly.

Please suggest the best way / practices to achieve this. Following are the options I found:

Set Metricbeat output to ES (Not preferring, as it's in different subnet)
Set Metricbeat output to Logstash.
Set Metricbeat output to Redis.
Any way to set the Metricbeat itself to collect data from Metricbeat in agent servers? Like some input mechanism?
I also tested the Metricbeat "internal queue" mechanism (queue.spool) with ES as output. Will this work for all other output type (like Logstash, Redis etc)?

I appreciate your suggestions!!
Thanks

jsoriano · April 19, 2019, 9:39pm

Hi @Arunlal_A,

If possible I'd suggest setting ES as output. If the only problem with this option is the network separation there is a solution. You can add coordinator nodes to the networks where metricbeat is running and make these nodes the only ones that have access to the network where your Elastic Stack is running. This way you don't need to add additional elements, and it is also easier to setup metricbeat when it sends events directly to Elasticsearch.

Logstash, and Redis (or Kafka) can also be valid options, but I'd only use them if you have some other requirements or more complex architectures.

I am not sure of understanding this question.

If you mean to monitor metricbeat itself, take a look to Metricbeat monitoring.
If you mean to make Metricbeat listen for custom events, take a look to the HTTP Server metricset.
If you mean to monitor your own software, you can also take a look to the APM solution.

Yes, this queue is independent of the output, events are stored in this queue before being sent to the outputs.

Arunlal_A · April 25, 2019, 5:49am

Thanks @jsoriano for this detailed explanation.
Let me go through this and will get back to you.

Topic		Replies	Views
Sending Metricbeat Logs directly to Elasticsearch Elasticsearch	2	722	September 8, 2017
Regarding the Metricbeat ship the Metrics One to another Cluster Beats metricbeat	0	46	January 16, 2025
Metricbeat - logstash - redis - elasticsearch Beats metricbeat	6	872	July 12, 2017
How to push multiple metricbeat instance from multiple machines into 1 ES instance? Beats metricbeat	4	2054	January 1, 2018
Install metricbeat agent on all ES nodes in my cluster Beats elastic-stack-monitoring , metricbeat	5	453	June 4, 2019

Help to setup Metricbeat to push system/application metrics to ES cluster

Related topics