Advanced Logging Kibana (root360)

Component description

In our Standard Logging, all relevant log files of a cloud environment are consolidated at a central location (bastion-server) and can be viewed there via the shell. Advanced Logging now offers the possibility of data visualization via Kibana. Kibana allows a graphical log file analysis in the web browser as opposed to a log file analysis via the shell. Individual queries and dashboards can be configured. Specifically, system logs such as the access logs and error logs of the web server as well as the PHP error logs are included in Advanced Logging. Optionally - as in Standard Logging - individual application logs can be transferred to Advanced Logging. This requires a one-time configuration effort with Advanced Logging.


Common use cases

  • monitoring the general health of applications and specific services

  • analysis and troubleshooting using log data in one centralized location

  • aggregating and visualizing log data using keywords

  • analyzing the data, detecting anomalies, performing root cause analysis, and building beautiful monitoring dashboards

Integrations

  • Advanced Logging Kibana (root360) integrates with the known log files from Standard Logging, such as Apache2/nginx access logs

  • Following Standard Logging, all log files inside /var/log/application will be sent to the ElasticSearch sink as a plain message string

  • JSON formatted log files will be parsed and all key/values will be sent to the ElasticSearch sink as searchable fields

    • example log file entry: {"example_field": "example value", "message": "this is an example logfile entry"} will end up adding new searchable fields named example_field and message to the ElasticSearch log index.
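An added example (not root360's code) of an application writing one JSON object per line so that each key becomes a searchable field, next to a small model of the field handling described above. The logger name, the `fields` key passed via `extra`, and the `fields_for_line` helper are assumptions made for illustration; the real pipeline may treat edge cases differently.

```python
import io
import json
import logging


class JsonLineFormatter(logging.Formatter):
    """Render each record as one JSON object per line."""

    def format(self, record):
        entry = {"message": record.getMessage(), "level": record.levelname}
        # Keys passed via extra={"fields": {...}} become top-level keys.
        entry.update(getattr(record, "fields", {}))
        # json.dumps escapes embedded newlines, so one event stays on one line.
        return json.dumps(entry, ensure_ascii=False)


def fields_for_line(line):
    """Model of the behaviour described above (an assumption, not pipeline code):
    a JSON object yields one field per key; anything else is a plain message."""
    try:
        parsed = json.loads(line)
    except ValueError:
        parsed = None
    if isinstance(parsed, dict):
        return parsed
    return {"message": line.rstrip("\n")}


def demo():
    # Constructed sample: in production the handler would be a FileHandler
    # pointing at a file below /var/log/application.
    buf = io.StringIO()
    handler = logging.StreamHandler(buf)
    handler.setFormatter(JsonLineFormatter())
    log = logging.getLogger("example_app")  # hypothetical logger name
    log.handlers = [handler]
    log.setLevel(logging.INFO)
    log.propagate = False
    log.warning("login failed\nfor user",
                extra={"fields": {"example_field": "example value"}})
    structured = fields_for_line(buf.getvalue().splitlines()[0])
    plain = fields_for_line("PHP Warning: constructed plain-text line\n")
    return buf.getvalue(), structured, plain


if __name__ == "__main__":
    for part in demo():
        print(part)
```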

Examples

Monitoring dashboard for web application

Log file analysis and troubleshooting

 

Requesting Advanced Logging Kibana (root360)

If you want to request Advanced Logging Kibana (root360), you can do so by sending an email to service@root360.de or by creating a ticket in the ticket system.

Required information

Cluster redundancy and resources

Explanation: The ElasticSearch cluster can be built with a single node or with multiple nodes, and with multiple instance sizes, to achieve higher redundancy and throughput.

Options:

  • Single-node cluster with a node size of at least t3.medium.elasticsearch (not recommended)

  • 3-node cluster with a node size of at least t3.medium.elasticsearch

Data retention

Explanation: How many days your log files will be stored in ElasticSearch.

Options: Default data retention

  • 7 days for PROD environment

  • 1 day for non-PROD environments

Additional log files to push

Explanation: Besides the known log files from Standard Logging like Apache2/nginx access logs, you may push additional application logs into Advanced Logging Kibana (root360).

Options:

  • Deliver list of log files with absolute path

 

Pricing

For AWS pricing see https://aws.amazon.com/elasticsearch-service/pricing/.

For root360 Managed Services pricing please contact our Service Team.
