There are two separate departments in the company I work for. One is Infrastructure and the other is Application Management.
Infrastructure says this;
I only want to access CPU, RAM, Disk, Network metrics and events of Linux servers.
Application Management says this;
We will provide you the directories of our applications on the servers and we want to be able to observe the logs there from ELK, create alerts and be aware of anomalies.
The problem is this;
They both use their own ELK Deployments, so there are two different deployments in the ELK Cloud we are using, but I have to install a single agent on the servers.
As far as I searched here, two agents cannot be installed on one server, so what do you suggest?
Do you think this is a reasonable approach?
To realise the demands of both Infrastructure and Application Management through a single deployment and with a single agent, to present them in separate dashboards and to apply all authorisation transactions through these dashboards.
I look forward to hearing all your opinions on the issue.
Separate outputs are defined per integration is on the Elastic Agent roadmap. Unfortunately, we can not provide a timeframe/release number for that.
You can follow the work if you like
In the meantime, you could pass the data through Logstash and split the stream/telemetry as you like.... i.e. send to separate data to separate elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.