Centralized Logging with the Elastic Stack (Filebeat, Elasticsearch, Kibana)

Search and Analyze Logs from All Your Servers in One Place

Metrics tell you what’s happening, but logs tell you why. For managing logs from multiple servers, the ‘Ubuntu System Administration Guide’ introduces the powerful Elastic Stack (formerly ELK Stack).

The Components of the Stack

• Filebeat: This is a lightweight agent installed on your servers. It reads log files (like syslog or application logs) and securely forwards them to a central location.
• Elasticsearch: This is a powerful search and analytics engine that stores and indexes all the log data sent by your Filebeat agents.
• Kibana: This is the web interface for the Elastic Stack. It allows you to search, filter, and visualize your log data with powerful dashboards and discovery tools.

By centralizing your logs, you can correlate events across multiple servers and troubleshoot issues much more effectively.

---

This post is based from content of the book Ubuntu System adminstration guide. And the book can be found here https://www.amazon.com/stores/Mattias-Hemmingsson/author/B0FF5CQX13