Tying together Zabbix and Elasticsearch/Logstash/Kibana (ELK)

Speaker: Volker Fröhlich

Abstract

Log monitoring is a great complement to classic monitoring. Many applications and devices don't expose metrics about themselves. Others do, but the metrics are difficult to work with or just not what you need. However, most applications and devices are capable of writing useful logs. Collecting and analyzing them lets you easily spot oddities, and you can also derive technical and business metrics with little effort. Presumably, the greatest benefit can be gained from integrating the two systems as closely as possible. This session explains a stack consisting of Rsyslog, Elasticsearch, Logstash, Kibana (ELK) and Zabbix. It highlights the stack's strengths and some of the important details and pitfalls that come with it. It also gives some examples of what can be achieved, briefly explains the necessary configuration, and then focuses on what can be done to connect Zabbix and ELK, including some user interface hacks.

Biography

Volker Fröhlich is a GNU/Linux system administrator with the Austrian company Geizhals (Preisvergleich Internet Services AG), an active Zabbix community member and hobby hacker, RPM packager with Fedora and OpenStreetMap mapper. He has 4 and 2 years of experience in Zabbix and ELK respectively. He is also a reviewer on the recent Packt book on Zabbix 3.0, by Rihards Olups.

Autumn 2015

2023-05-27
 
Vereniging NLUUG
info@nluug.nl
postbus 8189
6710 AD Ede