As a distributed environment grows in the number of components and servers, extracting and analyzing relevant information from system and application logs becomes a more complex task.
In the presentation we show our approach to indexed, centralized storage, composed of three components:
- Logstash, as a log collector, parser, converter and forwarder
- Elasticsearch, as the search and storage engine, and
- Kibana, as the visualization interface
The chosen implementation performs well in searching, is distributed in terms of both storage and search computation and, as most subsystems can be replicated, is scalable and provides high availability.