Predictive analysis using elasticsearch?

We are trying to use the ELK stack for major incident management systems and use its data for predictive analysis.
Can somebody put some focus on use cases for how we can utilize the ELK stack?


Hi Sunil,

In order to create incident management, you can query the data from Elasticsearch and design your software to predict incidents accordingly, based on the data you will receive. That is how it can benefit you in the longer run.

For example:

  1. If you have been running a web server and pushing that server's logs into ELK for real-time monitoring, and you have configured your logic properly in incident management to predict the problem when someone is trying to bring down your web server by sending lots of "GET" queries to it (a kind of "DDoS" attack), then it should create an incident for this.

  2. If someone is trying to break in to your server, your application will raise a flag or incident for this based on the data it gets from the ELK stack.

FYI - the ELK stack does have a plugin called "Watcher", which now comes with "X-Pack" in version 5.0, that can also help you achieve the above. You can use this plugin at the back end of your application to get the data from the ELK stack and design your application accordingly.

Ashishkumar S. Yadav
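The GET-flood case from the answer above, as an added example (not code from the original post, from Elastic, or from Watcher): a small Python detector that runs over constructed web-server access-log lines and raises an incident when one client sends more than a threshold of GET requests inside a sliding time window. The window, the threshold and the sample IPs are illustrative assumptions; in practice the same count-per-client-per-window logic would be expressed as an Elasticsearch aggregation or a Watcher condition over the indexed logs.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample access-log lines (common log format); not taken from the post.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2016:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326
198.51.100.4 - - [10/Oct/2016:13:55:36 +0000] "GET /about.html HTTP/1.1" 200 812
203.0.113.7 - - [10/Oct/2016:13:55:37 +0000] "GET /index.html HTTP/1.1" 200 2326
203.0.113.7 - - [10/Oct/2016:13:55:38 +0000] "GET /index.html HTTP/1.1" 200 2326
198.51.100.4 - - [10/Oct/2016:13:55:39 +0000] "POST /login HTTP/1.1" 302 0
203.0.113.7 - - [10/Oct/2016:13:55:39 +0000] "GET /index.html HTTP/1.1" 200 2326
this line is not a valid access-log entry
203.0.113.7 - - [10/Oct/2016:13:55:40 +0000] "GET /index.html HTTP/1.1" 200 2326
203.0.113.7 - - [10/Oct/2016:13:55:41 +0000] "GET /index.html HTTP/1.1" 200 2326
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+$'
)

def parse_line(line):
    """Parse one common-log-format line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m.group("ip"), "ts": ts, "method": m.group("method"),
            "path": m.group("path"), "status": int(m.group("status"))}

def find_get_floods(lines, window=timedelta(seconds=10), threshold=5):
    """Raise one incident per client IP the first time it exceeds `threshold`
    GET requests within `window` (both values are illustrative assumptions)."""
    events = [e for e in map(parse_line, lines) if e and e["method"] == "GET"]
    events.sort(key=lambda e: e["ts"])            # log lines may arrive out of order
    recent = defaultdict(deque)                   # ip -> timestamps still inside the window
    flagged, incidents = set(), []
    for e in events:
        q = recent[e["ip"]]
        q.append(e["ts"])
        while e["ts"] - q[0] > window:            # expire timestamps older than the window
            q.popleft()
        if len(q) > threshold and e["ip"] not in flagged:
            flagged.add(e["ip"])                  # report each client once, at detection time
            incidents.append({"ip": e["ip"], "first_seen": q[0].isoformat(),
                              "count": len(q)})
    return incidents
```

Malformed lines are skipped rather than aborting the run, and the `count` recorded is the number of GETs in the window at the moment the threshold was crossed.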
