Usecase verification - monitoring

Hello community,

This is my first post on this forum, so I hope this is the right approach. I've been trying to find information that would help me decide if ELK is the correct solution for a usecase I have in mind, or if there are better tailored solutions out there, that you guys know of, that would fit my purpose.

Usecase:

  • To get an overview of the 'onboarding' status of a system that is part of our monitoring scope. And if it has the status 'onboarded', if it is still sending the data used for monitoring -

My goal is to import CMDB data (SQL Query or CSV) and onboarding data from our monitoring solution (CSV) and correlate this data to verify if the monitoring solution has ever received data from a system, and is so, what date & time did the monitoring solution receive the last event/data.

My idea is to periodically import the data and overwrite existing data fields and create queries to populate the dashboard. I have a working solution in Excel but due to the large number of rows from the CMDB (over 12k), Excel becomes sluggish and I would like to port to a web solution.

Do you guys feel ELK is the way to go? Or am I using a sledgehammer to drive in a nail?

Thanks in advance for any reply.

It sounds like a good idea. But;

Why not stream all the monitoring events into Elasticsearch and do it all in realtime, rather than batch and the only covering the time of that batch?

Also, we’ve renamed ELK to the Elastic Stack, otherwise Beats and APM feel left out! :wink: Check out Elastic Stack: Elasticsearch, Kibana, Beats & Logstash | Elastic as well.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.