I have come across Elasticsearch and have gone through the websites, but nothing goes into my mind. I understood it's for logging analysis, but is it only useful for cloud infrastructure like AWS, Google? Please share your ideas.
ELK stands for Elasticsearch, Logstash, Kibana. It should be called LEK, because the dataflow starts with Logstash, but I guess ELK sounds better.
Logstash is a tool that standardizes log messages. Standardized log messages go into Elasticsearch, which puts them into a database that is optimized for very fast read access. Kibana is a graphical presentation tool that allows you to correlate log information in many ways.
Useful for any infrastructure where you have several log files from several servers that you want to analyze and correlate.
Any specific question?
Last edited by berndbausch; 12-20-2018 at 04:41 PM.
Thank you so much for the answer. Yes, in our infrastructure we have many Apache logs to monitor, so would ELK be the best to monitor all logs within the infrastructure?
I can’t serve as a consultant, even more so because I only have a one-line description of a complex problem, but I would check how much work and computing resources are required to set up and maintain an ELK installation and compare that to the scale of your problem.
Since you only need to manage Apache logs, perhaps there are more focused, easier to use and leaner solutions.
I have installed ELK on my system (Debian version: 8). After the installation, when I try to connect to my website https://example.com, it asks for a username and password and I am unable to authenticate. Can anyone help me with this?
2019/01/23 10:02:44 [error] 5583#5583: *11 user "admin" was not found in "/etc/nginx/htpasswd.kibana", client: 94.209.200.140,, server: _, request: "GET / HTTP/2.0", host: "example.com"
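The error line in the post above comes from nginx's auth_basic module. As an added example (not code from the thread or from ELK), this Python sketch splits such error_log lines into named fields, the kind of standardizing described earlier for Logstash, and counts basic-auth failures per user and client. It goes one step beyond the post by also recognizing nginx's "password mismatch" message; the field names, the "kibana" user and the 192.0.2.10 address are constructed for illustration.

```python
import re
from collections import Counter

# nginx error_log layout: date time [level] pid#tid: *connection message
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \[(?P<level>\w+)\] '
    r'\d+#\d+: (?:\*\d+ )?(?P<msg>.*)$')
# The two failure messages logged by nginx's auth_basic module
NOT_FOUND_RE = re.compile(r'^user "(?P<user>[^"]*)" was not found in "(?P<file>[^"]*)"')
MISMATCH_RE = re.compile(r'^user "(?P<user>[^"]*)": password mismatch')
CLIENT_RE = re.compile(r', client: (?P<client>[0-9A-Fa-f.:]+)')

def parse_line(line):
    """Turn one error_log line into named fields; None if it is not an nginx line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    msg = m["msg"]
    event = {"timestamp": m["ts"], "level": m["level"], "event": "other"}
    not_found, mismatch = NOT_FOUND_RE.match(msg), MISMATCH_RE.match(msg)
    if not_found:   # the name is absent from the htpasswd file nginx reads
        event.update(event="auth_user_not_found", user=not_found["user"],
                     htpasswd=not_found["file"])
    elif mismatch:  # the name exists, the password is wrong
        event.update(event="auth_password_mismatch", user=mismatch["user"])
    client = CLIENT_RE.search(msg)
    if client:
        event["client"] = client["client"]
    return event

def summarize(lines):
    """Count basic-auth failures per (event, user, client)."""
    counts = Counter()
    for line in lines:
        ev = parse_line(line)
        if ev and ev["event"].startswith("auth_"):
            counts[(ev["event"], ev["user"], ev.get("client"))] += 1
    return counts

SAMPLE = [
    # The first line is the one quoted in the post; the other three are constructed.
    '2019/01/23 10:02:44 [error] 5583#5583: *11 user "admin" was not found in "/etc/nginx/htpasswd.kibana", client: 94.209.200.140,, server: _, request: "GET / HTTP/2.0", host: "example.com"',
    '2019/01/23 10:03:01 [error] 5583#5583: *12 user "kibana": password mismatch, client: 192.0.2.10, server: _, request: "GET / HTTP/2.0", host: "example.com"',
    '2019/01/23 10:03:05 [error] 5583#5583: *13 user "kibana": password mismatch, client: 192.0.2.10, server: _, request: "GET / HTTP/2.0", host: "example.com"',
    '2019/01/23 10:03:09 [error] 5583#5583: *14 open() "/usr/share/nginx/html/favicon.ico" failed (2: No such file or directory), client: 192.0.2.10, server: _, request: "GET /favicon.ico HTTP/2.0", host: "example.com"',
]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

An auth_user_not_found event, as in the post, means the name being typed has no entry in the htpasswd file that nginx reads, while repeated auth_password_mismatch events from one client are the pattern worth alerting on.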
I have installed Splunk on my server, so I can monitor all the clients on a single server?
Have you CONFIGURED all your servers to send the logs to one? Have you read the Splunk documentation?? And you do realize that Splunk requires configuration, just like Kibana does too?
I have created an instance to monitor the Apache access log as per the documentation; unfortunately I am unable to see the logs when I start searching for them. Any idea?
Besides "You didn't configure it properly"...no, none at all. And an 'instance' of what? This thread was started about Kibana, and after you seemed to bypass a very simple error message (that TenTenths explained), you said you then installed Splunk.
Again: you have to configure things before they'll work. If you're not seeing the logs you want (but see others), that narrows down the list of potential problems considerably.
I configured the app Splunk Add-on for Apache Web Server; unfortunately, when I try to launch the app it redirects to a page saying the application was not found. When I download and upload the files it says successfully done, but it still seems the application does not exist.
Right; again, you have **NOT INSTALLED OR CONFIGURED IT CORRECTLY**
It's giving you errors and telling you it's not running...why would you then think that you'd see log file entries as if it WAS running? Again, you are providing NO DETAILS about what you've done/tried, how you installed, to what version/distro of Linux. All things you've been asked several times before. Since you are now asking about Splunk, you need to open a new thread where you provide all of the details you SHOULD be providing. Do this after you read and follow the Splunk installation instructions (which you haven't yet).