Difference between revisions of "Elasticsearch"

Elasticsearch is a web based search engine released in 2010 that provides a distributed, multitenant-capable full-text search engine and schema-free JSON documents based on the Lucene library. You can use many differents tools to send logs to Elasticsearch, including /Filebeat/ product from ElasticSearch developers. Elastisearch offer different software for sending data such as: Filebeat, /Metricbeat/^[1], Packetbeat, Winlogbeat, Auditbeat, Heartbeat and Functionbeat

ElastaticSearch is also available as a docker image^[2] or as service in AWS (AWS Elasticsearch) since November 2015.^[3]

Installation

• ElasticSearch Docker installation: https://www.docker.elastic.co/: /Install ElasticSearch using Docker/
• Configuration: /usr/share/elasticsearch/config/elasticsearch.yml ^[4]

Activities

1. Read ElasticSearch release notes: https://github.com/elastic/elasticsearch/releases
2. Install ElasticSearch using Docker: https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html

/usr/share/elasticsearch/config/elasticsearch.yml

To connect: http://localhost:9200/

1. Install Elasticsearch-hq management GUIs for Elasticsearch

See also

• AWS Elasticsearch service
• Kibana open source data visualization plugin for ElasticSearch.
• Logstash
• Filebeat software for sending logs
• Cerebro, Newman//Postman/ or /Elasticsearch-hq/ management GUIs for Elasticsearch
• Grafana, Curator^[5]
• SIEM

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.

Source: https://en.wikiversity.org/wiki/ElasticSearch