Check out the latest version of this guide here. The updated article uses the latest version of the ELK stack on CentOS 7.

What is ELK?

ELK is a powerful set of tools used for log correlation and real-time analytics. This post will discuss the benefits of using it and serve as a guide to getting it up and running in your environment. ELK is an acronym for Elasticsearch, Logstash and Kibana: Elasticsearch stores and indexes the events, Logstash collects and parses them, and Kibana is the web front end for searching them and building dashboards.

In recent months I have been seeing a lot of interest in ELK for systems operations monitoring as well as application monitoring. It was really impressive, and I thought of how useful it could be for network operations. Many environments only have the basics covered (up/down alerting and performance monitoring). Some companies go one step further and log syslog to a central server. For a long time this has been acceptable, but things must change.

Below are some screenshots showing real-time dashboards that would be useful in a NOC environment. While this guide is only meant to show how network data can be captured and used, the real goal is to have all infrastructure and applications log to ELK as well. With ELK, building a dashboard like this takes less than half an hour. It is dynamic, so you can build a dashboard that fits your own use case. In the examples below, our NOC was able to see issues before anyone even picked up the phone to report them.
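The pipeline below is an added example, not configuration from the original post or from the ELK project, of the "network data captured into ELK" idea the post is built around: Logstash receives syslog from network devices, the syslog input parses the RFC 3164 header, a grok filter pulls the Cisco IOS-style facility, severity and mnemonic out of the message body, and the events land in a daily Elasticsearch index. The listening port (5514), the Elasticsearch address (localhost:9200), the index name pattern and the IOS message format are all assumptions for the illustration.

```logstash
# Added example (not from the original post or the ELK project).
# Assumptions: Logstash listens on 5514 (ports below 1024 need root, so either
# run Logstash as root on 514 or redirect 514 -> 5514 with iptables), and
# Elasticsearch is reachable on localhost:9200.

input {
  syslog {
    port => 5514              # listens on both TCP and UDP
    type => "network-syslog"
  }
}

filter {
  # The syslog input already parses the RFC 3164 header into fields such as
  # logsource, program, facility_label and severity_label. Events that do not
  # match RFC 3164 are tagged _grokparsefailure_sysloginput; they are kept so
  # nothing is silently dropped, but they will lack those fields.
  if [type] == "network-syslog" {
    # IOS-style body, e.g. "%LINK-3-UPDOWN: Interface Gi0/1, changed state to down"
    grok {
      match => {
        "message" => "\%%{WORD:cisco_facility}-%{INT:cisco_severity:int}-%{WORD:cisco_mnemonic}: %{GREEDYDATA:cisco_message}"
      }
      # Non-Cisco messages (e.g. Linux hosts) get a distinct tag instead of the
      # generic _grokparsefailure, so dashboards can tell them apart.
      tag_on_failure => ["_not_cisco_format"]
    }
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]
    index => "network-%{+YYYY.MM.dd}"   # one index per day keeps retention simple
  }
}
```

With cisco_severity stored as an integer, a Kibana visualization can filter on severity <= 3 to surface the link-down and power-supply style events a NOC cares about, which is the "see it before the phone rings" effect described above. Point the devices' syslog destination at the Logstash host and check the first few events in Kibana for the _grokparsefailure_sysloginput tag before trusting the dashboards: some devices send non-standard headers and will need their own grok pattern.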