Using Elasticsearch for storing logs in microservice-based architecture


I am writing a new microservice-based system and considering Elasticsearch for logging data storage.

What are the best practices for using Elasticsearch for logging? For now, I have 2 questions, but if anybody has ideas to share, please do not hesitate :slight_smile:

  • One index for all microservices or a dedicated index for each one?
  • How will customers share logs if they are not willing to provide us with the Elasticsearch creds with read-only permissions due to security considerations? What option do I have? Exporting data from index(-ies) using GET /my-index-000001/_search.


Welcome to our community! :smiley:

I'd group the same services across multiple hosts into their own indices.

If they don't want to give you read-only access, why would they share the logs with you at all?
