Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Getting Started with Elastic Stack 8.0
  • Toc
  • feedback
Getting Started with Elastic Stack 8.0

Getting Started with Elastic Stack 8.0

By : Asjad Athick
4.3 (9)
close
Getting Started with Elastic Stack 8.0

Getting Started with Elastic Stack 8.0

4.3 (9)
By: Asjad Athick

Overview of this book

The Elastic Stack helps you work with massive volumes of data to power use cases in the search, observability, and security solution areas. This three-part book starts with an introduction to the Elastic Stack with high-level commentary on the solutions the stack can be leveraged for. The second section focuses on each core component, giving you a detailed understanding of the component and the role it plays. You’ll start by working with Elasticsearch to ingest, search, analyze, and store data for your use cases. Next, you’ll look at Logstash, Beats, and Elastic Agent as components that can collect, transform, and load data. Later chapters help you use Kibana as an interface to consume Elastic solutions and interact with data on Elasticsearch. The last section explores the three main use cases offered on top of the Elastic Stack. You’ll start with a full-text search and look at real-world outcomes powered by search capabilities. Furthermore, you’ll learn how the stack can be used to monitor and observe large and complex IT environments. Finally, you’ll understand how to detect, prevent, and respond to security threats across your environment. The book ends by highlighting architecture best practices for successful Elastic Stack deployments. By the end of this book, you’ll be able to implement the Elastic Stack and derive value from it.
Table of Contents (18 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Core Components
Section 1: Core Components
Free Chapter
2
Chapter 1: Introduction to the Elastic Stack
Chapter 1: Introduction to the Elastic Stack
An overview of the Elastic Stack
A note about licensing
What is Elasticsearch?
Introducing Kibana
Collecting and ingesting data
Running the Elastic Stack
Solutions built on the stack
Summary
3
Chapter 2: Installing and Running the Elastic Stack
Chapter 2: Installing and Running the Elastic Stack
Technical requirements
Manual installation of the stack
Automating the installation
Using Elastic Cloud Enterprise (ECE) for orchestration
Running on Kubernetes
Configuration of your lab environment
Summary
4
Section 2: Working with the Elastic Stack
Section 2: Working with the Elastic Stack
5
Chapter 3: Indexing and Searching for Data
Chapter 3: Indexing and Searching for Data
Technical requirements
Understanding the internals of an Elasticsearch index
Elasticsearch nodes
Searching for data
Summary
6
Chapter 4: Leveraging Insights and Managing Data on Elasticsearch
Chapter 4: Leveraging Insights and Managing Data on Elasticsearch
Technical requirements
Getting insights from data using aggregations
Managing the life cycle of time series data
Manipulating incoming data with ingest pipelines
Responding to changing data with Watcher
Summary
7
Chapter 5: Running Machine Learning Jobs on Elasticsearch
Chapter 5: Running Machine Learning Jobs on Elasticsearch
Technical requirements
The value of running machine learning on Elasticsearch
Preparing data for machine learning jobs
Looking for anomalies in time series data
Running classification on data
Inferring against incoming data using machine learning
Summary
8
Chapter 6: Collecting and Shipping Data with Beats
Chapter 6: Collecting and Shipping Data with Beats
Technical requirements
Introduction to Beats agents
Collecting logs using Filebeat
Using Metricbeat to monitor system and application metrics
Monitoring operating system audit data using Auditbeat
Monitoring the uptime and availability of services using Heartbeat
Collecting network traffic data using Packetbeat
Summary
9
Chapter 7: Using Logstash to Extract, Transform, and Load Data
chevron up
Chapter 7: Using Logstash to Extract, Transform, and Load Data
Technical requirements
Introduction to Logstash
Looking at pipelines for real-world data-processing scenarios
Summary
10
Chapter 8: Interacting with Your Data on Kibana
Chapter 8: Interacting with Your Data on Kibana
Technical requirements
Getting up and running on Kibana
Visualizing data with dashboards
Creating data-driven presentations with Canvas
Working with geospatial datasets using Maps
Responding to changes in data with alerting
Summary
11
Chapter 9: Managing Data Onboarding with Elastic Agent
Chapter 9: Managing Data Onboarding with Elastic Agent
Technical requirements
Tackling the challenges in onboarding new data sources
Managing Elastic Agent at scale with Fleet
Setting up your environment
Summary
12
Section 3: Building Solutions with the Elastic Stack
Section 3: Building Solutions with the Elastic Stack
13
Chapter 10: Building Search Experiences Using the Elastic Stack
Chapter 10: Building Search Experiences Using the Elastic Stack
Technical requirements
An introduction to full-text searching
Implementing features to improve the search experience
Summary
14
Chapter 11: Observing Applications and Infrastructure Using the Elastic Stack
Chapter 11: Observing Applications and Infrastructure Using the Elastic Stack
Technical requirements
An introduction to observability
Observing your environment
Instrumenting your application performance
Summary
15
Chapter 12: Security Threat Detection and Response Using the Elastic Stack
Chapter 12: Security Threat Detection and Response Using the Elastic Stack
Technical requirements
Building security capability to protect your organization
Building a SIEM for your SOC
Leveraging endpoint detection and response in your SOC
Summary
16
Chapter 13: Architecting Workloads on the Elastic Stack
Chapter 13: Architecting Workloads on the Elastic Stack
Architecting workloads on Elastic Stack
Architectures to handle complex requirements
Implementing successful deployments of the Elastic Stack
Summary
Why subscribe?
17
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Chapter 7: Using Logstash to Extract, Transform, and Load Data

In previous chapters, one of our areas of focus was looking at how data can be indexed and searched on Elasticsearch. We looked at index mappings and the importance of defining correct mappings in downstream use cases such as computing aggregations, running alerting, and using machine learning features.

In this chapter, we look at how ETL tools such as Logstash can be used to extract data from a range of source systems (such as Syslog streams, CSV files, message-streaming platforms, or Beats agents), and transform events to their desired format before loading them into Elasticsearch. Upon completion of this chapter, you will be able to use Logstash to process and ingest a variety of data sources into Elasticsearch.

In this chapter, we will specifically focus on the following:

  • Understanding the internals of Logstash and the anatomy of a Logstash pipeline
  • Exploring common input, filter, and output plugins...
End of Section 1
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete