Is multitenancy supported by ELK?

Hi Team,

We need to monitor multiple accounts' servers from a centralized location.
What data collection method is used by Beat? Is it pull by Elasticsearch or push by Beat to Elastic?
If there is any network failure between Beat and Elasticsearch, can data be stored locally and pushed at a scheduled time?

  • How can we add multiple account servers and segregate them based on the account name in the dashboard?
  • What options are available for Windows server monitoring?
  • Is multitenancy supported by ELK?

How to aggregate the hosts from multiple accounts under one ELK stack, for more details

Elasticsearch is passive in its approach, so you need to push data to it. Beats will pull the information from their source, and push to Elasticsearch.
If Beats cannot connect to Elasticsearch, it will remember the file location, or cache data locally so that it can send it over when it can reconnect.

On your points:

  • Yes, Security can handle that
  • Metricbeat can collect metrics, Winlogbeat will pull event log data, Filebeat can collect other file-based data. It depends on what you need.
  • Depends on what you mean by this. It can handle multiple users reading the data. It can handle multiple sources of data

Is it possible to push the data from Beat to Elasticsearch on an hourly schedule instead of continuously?

Not natively, you'd need to wrap each Beat with something to manage this.
