ECL
1. Introduction to EKL
-
ELK is the abbreviation of Elasticsearch+Logstash+Kibana
-
ElasticSeatch is a distributed full-text search engine based on Lucene, providing RESTful API for data reading and writing.
-
Logstash is a tool for collecting, processing and forwarding events and logs and messages
-
Kibana is an open source data visualization plug-in for Elasticsearch. It provides a friendly web page for viewing stored in Elasticsearch, and provides analysis tools such as bar charts, line and scatter charts, pie charts and maps.
In general, ElasticSearch is responsible for storing data, Logstash is responsible for collecting logs and formatting them into ElasticSerch, and Kibana provides visual access functions
2. ELK workflow
The application writes the log to Redis according to the agreed Key, and Logstash reads the log information from Redis and writes it to the ElasticSearch cluster. Kibana reads the logs in ElasticSearch and displays them in the form of tables/charts on the web page.