Resources for modeling application log data?

I've been working with our application logging and creating Kibana dashboards for a little while now.

I wonder though if I'm missing some best practices or techniques for designing the log messages themselves to get the most out of ELK. My inclination is to keep a single log message specific to a given topic or metric; but I wonder if more complex log statements might be better in some situations?

Are there any resources out there for this level of design thinking? Otherwise it's just trial and error, and I don't know if I've really gotten the most out of ELK. Searching Google for "best practices for application logging and Kibana" brings up results that are too high level (e.g. how to design to avoid shards, etc.)

Have you looked at our beats dashboards - built in - to see if they will give you some inputs?

Metricbeat: Lightweight Shipper for Metrics | Elastic.
I am transferring your topic to our logs forum to see if people there can help.

Thanks,
Bhavya

Thanks,
Bhavya

I have not, however, someone pointed me to Elastic Common Schema and I'm going to plunge into that.

I have not, however, someone pointed me to Elastic Common Schema and I'm going to plunge into that.

For compatibility with the Logs UI ECS is the way to go for sure.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.