An overview of the Elastic Stack
What exactly is the "Elastic Stack"? It’s a fast and highly scalable set of components — Elasticsearch, Kibana, Beats, Logstash, and others — that together enable you to securely take data from any source, in any format, and then search, analyze, and visualize it.
You can deploy the Elastic Stack as a Cloud service supported on AWS, Google Cloud, and Azure, or as an on-prem installation on your own hardware.
Ingest
Elastic provides a number of components that ingest data. Collect and ship logs, metrics, and other types of data with Elastic Agent or Beats. Manage your Elastic Agents with Fleet. Collect detailed performance information with Elastic APM.
If you want to transform or enrich data before it’s stored, you can use Elasticsearch ingest pipelines or Logstash.
Trying to decide which ingest component to use? Refer to Adding data to Elasticsearch to help you decide.
- Fleet and Elastic Agent
- Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also protect hosts from security threats, query data from operating systems, forward data from remote services or hardware, and more. Each agent has a single policy to which you can add integrations for new data sources, security protections, and more.
  Fleet enables you to centrally manage Elastic Agents and their policies. Use Fleet to monitor the state of all your Elastic Agents, manage agent policies, and upgrade Elastic Agent binaries or integrations.
- APM
- Elastic APM is an application performance monitoring system built on the Elastic Stack. It allows you to monitor software services and applications in real-time, by collecting detailed performance information on response time for incoming requests, database queries, calls to caches, external HTTP requests, and more. This makes it easy to pinpoint and fix performance problems quickly. Learn more about APM.
- Beats
- Beats are data shippers that you install as agents on your servers to send operational data to Elasticsearch. Beats are available for many standard observability data scenarios, including audit data, log files and journals, cloud data, availability, metrics, network traffic, and Windows event logs. Learn more about Beats.
- Elasticsearch ingest pipelines
- Ingest pipelines let you perform common transformations on your data before indexing them into Elasticsearch. You can configure one or more "processor" tasks to run sequentially, making specific changes to your documents before storing them in Elasticsearch. Learn more about ingest pipelines.
- Logstash
- Logstash is a data collection engine with real-time pipelining capabilities. It can dynamically unify data from disparate sources and normalize the data into destinations of your choice. Logstash supports a broad array of input, filter, and output plugins, with many native codecs further simplifying the ingestion process. Learn more about Logstash.
Store
- Elasticsearch
- Elasticsearch is the distributed search and analytics engine at the heart of the Elastic Stack. It provides near real-time search and analytics for all types of data. Whether you have structured or unstructured text, numerical data, or geospatial data, Elasticsearch can efficiently store and index it in a way that supports fast searches. Elasticsearch provides a REST API that enables you to store data in Elasticsearch and retrieve it. The REST API also provides access to Elasticsearch’s search and analytics capabilities. Learn more about Elasticsearch.
Consume
Use Kibana to query and visualize the data that’s stored in Elasticsearch. Or, use the Elasticsearch clients to access data in Elasticsearch directly from common programming languages.
- Kibana
- Kibana is the tool to harness your Elasticsearch data and to manage the Elastic Stack. Use it to analyze and visualize the data that’s stored in Elasticsearch. Kibana is also the home for the Elastic Enterprise Search, Elastic Observability and Elastic Security solutions. Learn more about Kibana.
- Elasticsearch clients
- The clients provide a convenient mechanism to manage API requests and responses to and from Elasticsearch from popular languages such as Java, Ruby, Go, Python, and others. Both official and community contributed clients are available. Learn more about the Elasticsearch clients.