Suggestions on Correlation for Centralized Log Monitoring

Hello Team

I’m working on building a solution where a user should be able to see end-to-end insights/dashboards of infra, network, app and databases.

I’ve used APM, Metricbeat, Auditbeat, Packetbeat and Heartbeat-Uptime, and automated everything using Ansible.

Everything is working fine and I am able to see all the dashboards in Kibana.

But how do I integrate all these components in Kibana so that whenever the application response is delayed or the application is down (might be due to a network or server problem, or something else), the user is able to see and understand the cause immediately by looking at the Kibana dashboards?

For instance, in the Heartbeat dashboard I see that one of my servers is not reachable and also one of my APIs is not responding. Now what should be the next step? Do I need to look at the Metricbeat, Packetbeat or Auditbeat dashboards? All I’m trying to understand is the kind of correlation between all these dashboards.

Any suggestions on this will be very helpful.

Best
Rahul

Hello team

Any suggestions on this would be helpful.

Thanks
Rahul

Hi @rahulnama,

Unfortunately, I don't know of a single place to visit that will answer this question:

Now what should be the next step?

I think being able to answer that question is extremely important, so I think the best you'll be able to do is craft dashboards that contain visualizations from each service involved in some application. So instead of having a dashboard of just Heartbeat information, create a dashboard that contains a critical Heartbeat visualization (one that tells you if the service is available or not) but also add other visualizations for data from other services that will help you quickly see where the issue lies.

I do think something like this is very helpful, so feel free to open a feature request for some kind of catered unified view: https://github.com/elastic/kibana/issues/new?template=Feature_request.md


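Added example, not part of the original thread and not Elastic's code: a sketch of the correlation the thread asks about, joining a Heartbeat "down" event to what Metricbeat, Packetbeat and Auditbeat reported for the same host in the minutes before it. The sample events are constructed, and the join key (Heartbeat's url.domain matched against the other Beats' host.name) and the five-minute window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events, not real data. Field names follow Beats/ECS
# conventions, flattened into plain dicts for the example.
EVENTS = [
    {"@timestamp": "2024-01-01T09:40:00Z", "agent.type": "metricbeat",
     "host.name": "app01", "system.cpu.total.norm.pct": 0.20},
    {"@timestamp": "2024-01-01T09:57:10Z", "agent.type": "auditbeat",
     "host.name": "app01", "event.action": "stopped-service"},
    {"@timestamp": "2024-01-01T09:58:00Z", "agent.type": "metricbeat",
     "host.name": "app01", "system.cpu.total.norm.pct": 0.97},
    {"@timestamp": "2024-01-01T09:58:30Z", "agent.type": "metricbeat",
     "host.name": "db01", "system.cpu.total.norm.pct": 0.30},
    {"@timestamp": "2024-01-01T09:59:30Z", "agent.type": "packetbeat",
     "host.name": "app01", "http.response.status_code": 503},
    {"@timestamp": "2024-01-01T10:00:00Z", "agent.type": "heartbeat",
     "url.domain": "app01", "monitor.name": "app01-api", "monitor.status": "down"},
    {"@timestamp": "2024-01-01T10:00:00Z", "agent.type": "heartbeat",
     "url.domain": "db01", "monitor.name": "db01-ping", "monitor.status": "up"},
]

def ts(event):
    return datetime.strptime(event["@timestamp"], "%Y-%m-%dT%H:%M:%SZ")

def target(event):
    # Assumption: Heartbeat names the monitored target in url.domain, while
    # the other Beats name the machine they run on in host.name.
    key = "url.domain" if event["agent.type"] == "heartbeat" else "host.name"
    return event.get(key)

def correlate(events, window=timedelta(minutes=5)):
    """For each Heartbeat 'down' event, collect what the other Beats
    reported for the same host in the window leading up to it."""
    incidents = []
    for hb in events:
        if hb["agent.type"] != "heartbeat" or hb.get("monitor.status") != "down":
            continue
        host, down_at = target(hb), ts(hb)
        related = sorted(
            (e for e in events
             if e["agent.type"] != "heartbeat" and target(e) == host
             and down_at - window <= ts(e) <= down_at),
            key=ts)
        incidents.append({"host": host, "monitor": hb["monitor.name"],
                          "down_at": hb["@timestamp"], "related": related})
    return incidents

if __name__ == "__main__":
    for inc in correlate(EVENTS):
        print(f"{inc['monitor']} down at {inc['down_at']} on {inc['host']}")
        for e in inc["related"]:
            print("  ", e["@timestamp"], e["agent.type"], e)
```

In Kibana the same join corresponds to one dashboard whose visualizations from each Beat share a host filter and time range, as the reply above suggests.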