Devops_notes: MONITORING SYSTEM LOGS AND METRICS IN ELK STACK

Thursday, August 31, 2023

MONITORING SYSTEM LOGS AND METRICS IN ELK STACK

Monitoring system logs and metrics using the ELK Stack (Elasticsearch, Logstash, and Kibana) is a common practice for gaining insights into the health, performance, and behavior of your applications and infrastructure. The ELK Stack is a powerful toolset that allows you to collect, store, search, analyze, and visualize log and metric data. Here’s a step-by-step overview of how to set up monitoring using the ELK Stack:

steps to complete the lab:
CLONE THE REPOSITORY - INCLUDING VAGRANT FILES FOR ELK,CENTOS,UBUNTU
INSTALL DOCKER.IO
INSTALL DOCKER-COMPOSE
SET-UP KERNEL SETTINGS.
UP THE DOCKER-COMPOSE CONTAINING ELK CONFIGURATION
----------------------------------------------------
INSTALL CENTOS/UBUNTU AS A CLINET MACHINE WHERE WE INSTALL FILE BEAT/METRIC BEAT
====================================================
Commands:
sudo apt-get update
sudo apt-get install docker.io
git clone https://github.com/sheikhkamranm/elk.git
sudo gpasswd -a generic docker
add --> sudo vi /etc/sysctl.conf
vm.max_map_count=262144
sudo sysctl -w vm.max_map_count=262144
sudo sysctl -a | grep vm.max_map_count
sudo apt-get install docker-compose
docker-compose up -d
docker-compose logs -f
sudo netstat -nltp
docker volume ls
----------------------------------------------------
docker exec elasticsearch ls /usr/share/elasticsearch/plugins
sudo systemctl status firewalld
copy yum repository --> https://www.elastic.co/guide/en/beats/filebeat/6.5/setup-repositories.html
sudo vi /etc/yum.repos.d/elastic.repo

filebeat install on ubuntu:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
sudo apt-get install apt-transport-https
echo "deb https://artifacts.elastic.co/packages/6.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-6.x.list
sudo apt-get update && sudo apt-get install filebeat
sudo vi cat 
--->host: "192.168.1.29:5601"
--->output: "192.168.1.29:9200"
sudo systemctl enable filebeat
sudo filebeat version
sudo filebeat test output
sudo filebeat modules list
sudo filebeat modules enable system
sudo filebeat test config
sudo filebeat setup
sudo systemctl start filebeat
sudo systemctl status filebeat

Client side configuration:

===================

END OF NOTES

DevOpsCodes

I am a diligent DevOps engineer with five years of experience in DevOps technology like AWS, Kubernetes, Docker, Redhat Openshift, Terraform, Jenkins, and GitHub. Proficient in containerization technologies such as Docker for building, shipping, and running applications. Experience in deploying applications on Kubernetes clusters and managing them using Kubectl. Implemented CI/CD pipeline using Kubernetes, Docker, and GitHub for builds and deployment stages. Familiarity with container orchestration, microservices, and container networking concepts.

Devops_notes

Thursday, August 31, 2023

MONITORING SYSTEM LOGS AND METRICS IN ELK STACK

steps to complete the lab:

filebeat install on ubuntu:

END OF NOTES

No comments:

Post a Comment

Translate

Total Pageviews

Followers