Multiple client nodes in dashboard

Elastic Stack Kibana
#1

Hi.

Currently I'm trying to setup ELK for our infrastructure and figuring out whether ELK(especially kibana) fits our needs.

Shortly, we have an infrastructure which looks like: frontend node->middle node -> multiple worker nodes. Now, I want to somehow show this into dashboard, to group dashboards by host name and have a clear view what is going on in all nodes and at the same time to be flexible when I want to add a new node to not require changes in the dashboard or visualizer. The same thing I want to do with logs, specific application logs from different nodes to have them grouped by hostname/nodename or smth like that. Also, in dashboard to show somehow that nodeX is connected to nodeY(let's using heartbeat to check that some TCP/API connection is OK).

I know that the description may not be complete because I don't yet have a clear view on how this will look like in the end but I just want to get some input from someone which already have some experience with this.

Thank you!

#2

Hi,

sorry for the late reply.

First of all, the term ELK is not used anymore, but instead we use Elastic stack (because with adding further software like Beats, BELK and ELK-B are just sounding too horrible :scream: )

I am not exactly sure if I understand what you are trying to do completely. You can attach a field for your hostname to all logs or even to the "group of nodes" or something like that and group for that perfectly fine. E.g. if you have this architecture once per customer, you could add a field customer_cluster_id and just look at documents/logs from that specific customer id. Same could of course also be done for hostnames and such.

If you are trying to visualize connections between those nodes, I would need some more information what you are exactly trying to do, or how this should look like.

Cheers,
Tim

1 Like
#3

Ou yes Elastic stack :slightly_smiling_face:

Here is what I want todo:

As said I have a frontend -> middle node -> agents nodes so, frontend is communicating with middle node via some API/services(like rabbitmq) and middle node is communicating with agents nodes also via rabbitmq(but can be other connections as well). Now I want to make a dashboard where you see from one glance what is going on into your infrastructure.

  • Status of all nodes in the infrastructure: up/down
  • Frontend: Are all services running? Which are up/down
  • Middle node: Are all services running? How to show this connection between nodes services?
  • Agents Node(this nodes can be dynamically added): Show each node with proper services status and system status.

Now I can see that when we create a visualizer we can filter by specific tag/hostname. But in case that we add a new agent node how can it automatically show in the dashboard with proper stats that we want?

Thx!

#4

You don't necessarily need to filter for specific tags or hostnames in a visualization, unless you explicitly want to only look at one at a time. You could create visualizations that use terms aggregations underneath to query for info on all the hostnames in your data. For example, you could make a line chart that shows bandwidth for each host, and split the chart using a terms aggregation on the host field - that would show a line for each host.

Take a look at Metricbeat and Packetbeat which are products of the Elastic stack. Those products will allow you to collect information about the nodes and the services that run on them and index them into Elasticsearch. You could make visualizations based on that data. The Time Series Visual Builder is often demonstrated to visualize this kind of information and there are some helpful videos linked to from the Elastic Blog about it.

If you're looking for some kind of visualization that shows a connected graph of all the nodes in the architecture, there is not a visualization built into Kibana like that today. I'm not sure, but you may be able to find a plugin visualization that provides that using something like the WebCola JS library to render a graph layout.

#5

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.