hi guys,
currently I have one cluster with v5.6.x and, even thought we have scheduled to upgrade it to v6.8, I have to dive deeper regarding the query sent to ES just to check what is happening in that moment.
I found this Elastic's blog article and I would like to know if I can still consider it valid or not.
Furthermore, I would like to know if the xpack.monitoring feature (available on v6.x) could be considered as equivalent to Packetbeat usage described in that article or not.
thanks
Hey,
this article is already three years old, so it's time for a quick update. 
First, the current stack monitoring has nothing to do with packetbeat. Take a look at https://www.elastic.co/what-is/elasticsearch-monitoring (go to the getting started link at the end to see how to get going).
Also, you might want to check out the documentation at https://www.elastic.co/guide/en/kibana/6.8/xpack-monitoring.html
Hope this helps!
--Alex
thanks @spinscale.
I already use xpack.monitoring and xpack.monitoring.collection on another cluster.
unfortunately, in my current situation, I would like to trace the search request sent to my ES cluster; using xpack.monitoring I'm seeing that I cannot to that. Am I wrong?
you could use the slow log to log every query or indeed packetbeat, if your data is not encrypted.
Yes, my data is encrypted so https could not be linked to Packetbeat usage. anyway, I suppose that I should try to use slow log feature but I don't know if I could then visualize them using Kibana.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.