ElasticSearch definition

Elasticsearch is an open-source real-time search server that provides indexed and distributed storage based on Lucene.

It provides all the Lucene search power for full-text searches, but simplifies queries through its to RestFul Web interface.

Features

• Allows large-scale data exploitation.
• Allows real-time analytics.
• Allows the creation of alerts.
• Allows full-text search with high response speed.
• Search as you type is written by providing search suggestions.
• Supports structured and semi-structured searches.
• Compatible with all platforms that support Java.
• Being distributed facilitates scalability.
• Its replies are in JSON format, it does not support others like CSV or XML.
• Allows data backup in a simple way.
• Multi-tenancy capability.
• It allows its use on the Hadoop ecosystem.

Tools

Logstash

Logstash is an open-source tool for the administration of logs, which allows to load, transform, filter and save the logs on which to search.

It allows the entry of multitude of data sources, the transformation to its internal logtash format and different types of data outputs.

Ideal for creating alerts that report in real time.

Note: There are two other tools for managing alerts that are Wacher and Elastalert.

Beats

FileBeat is a lightweight application that is deployed on each server where logs are produced, with the aim of reducing the consumption of resources in such a way that each Beat sends the data to a single Logstash server for processing and subsequent storage in Elasticsearch.

Kibana

Kibana is an open source tool that allows the visualization of information stored and indexed in Elasticsearch in an easy and intuitive way.

Ideal for analyzing and displaying log aggregation.

X-Pack

X-Pack is a proprietary tool with a 30-day trial, which allows security options, alerts, monitoring, reporting, graphics, machine learning and SQL.

Elasticseach tools