Logstash or Metricbeat best for Cloudwatch?

Hi There,

It appears that Elastic now has two supported methods of getting Cloudwatch Metrics into ES, Metricbeat and Logstash.

Does the new v7 Metricbeat implementation now supersede the Logstash one? I'm about to implement some Cloudwatch ingest into my ES setup and want to make sure I'm using the best (most reliable, mature and feature rich) implementation.

Many thanks,
Nick George

Hi @nick-george Thanks for asking this question here. My understanding for the new V7 Metricbeat implementation is completely different than what we already have in Logstash. I'm not familiar with Logstash but based on https://www.elastic.co/guide/en/logstash/current/plugins-outputs-cloudwatch.html
seem like logstash has a cloudwatch plugin to aggregate and send metric data to AWS CloudWatch.

Metricbeat aws module is to collect metrics to monitor different services. For example in 7.0.0, we have ec2 metricset, which goes to cloudwatch to query ec2 metrics and send it to ES.

Thanks Kaiyan_Sheng.

I was referring specifically to the logstash-input-cloudwatch plugin https://www.elastic.co/guide/en/logstash/current/plugins-inputs-cloudwatch.html

Cheers,
Nick

To answer my own question, it appears that the Metricbeat implementation will figure out all the timestamps for you, ensuring the Metric event timestamps line up with the event timestamps in ES. The Logstash implementation does not appear to do this for you, meaning it is difficult to produce any meaningful visualisations based on its output.

Furthermore, the Metricbeat implementation ships with dashboard(s), unlike the Logstash one.

Thanks @nick-george for all the information. Not sure if this will help, https://github.com/elastic/beats/issues/10115 we have this issue to track all the on going development on aws module for metricbeat. Please feel free to comment on it. Thanks.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.