You can view the sample code associated with this post on GitHub.

In a previous post on Provisioning a Server with Kibana, we saw that it’s very straightforward to get kibana on a box.

You can see the source code for this post on GitHub.

In a previous post on How to Provision Multiple Logstash Hosts Using Ansible, we saw that provisioning logstash is pretty straightforward. However, what do we do with it after it’s been out there transforming messages this entire time? Given that elastic comes out with a new version of Logstash every fifteen or twenty minutes, a wise person would look to automate the upgrade process as soon as possible.

The corresponding source code for this post is available on GitHub.

Kibana is a fancy pants web application that tries to make data in Elasticsearch user-friendly. Rounding out the previous two posts on how to install an elasticsearch cluster and how to install multiple logstash hosts, I will now show you how to stack kibana on top of them.

The source code for this post can be found on GitHub.

Logstash primarily exists to extract useful information out of plain-text logs. Most applications have custom logs which are in whatever format the person writing them thought would look reasonable…usually to a human, and not to a machine. While countless future developer hours would be preserved if everything were just in JSON, that is sadly not even remotely the case, and in particular it’s not the case for log files. Logstash aims to be the intermediary between the various log formats and Elasticsearch, which is the document database provided by Elastic as well.

You can see the sample code for this tutorial on GitHub.

Elasticsearch is a distributed, NoSQL, document database, built on top of Lucene. There are so many things I could say about Elasticsearch, but instead I’ll focus on how to install a simple 3-node cluster with an Ansible role. The following example will not have any security baked into it, so it’s really just a starting point to get you up and running.

Elasticsearch, Logstash, and Kibana, commonly referred to as ELK or the Elastic Stack, is a set of tools that can, well do a lot of things. It is most famous for its logging and analytics capabilities.