Elasticsearch (for log collection)

Introduction

Elasticsearch can be used in conjunction with Fluentd to create a searchable logging database.

This page contains some tips on Axual's use of Elasticsearch.

Installation

Elasticsearch can be installed on a server, run as a Docker image, or used as a cloud service.

Tips

Create an Elasticsearch index for the log files generated by Axual. It is good practice to set up mappings on each index, which will help you create useful queries in Elasticsearch. From the Elastic documentation:

Mapping is the process of defining how a document, and the fields it contains, are stored and indexed.

Each document is a collection of fields, which each have their own data type. When mapping your data, you create a mapping definition, which contains a list of fields that are pertinent to the document. A mapping definition also includes metadata fields, like the _source field, which customize how a document’s associated metadata is handled.

The mappings used in the Axual platform deploy/Docker environment can be found here: Elastic Docker Logger Index Mappings

The mappings used inside the Helm environment can be found here: Elastic Kubernetes Index Mappings
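
As an added illustration (not Axual's own mapping, which is in the linked files), this is a create-index request body that maps log fields explicitly. The field names are assumptions modelled on what the Docker Fluentd log driver emits; `keyword` fields support exact-match filters and aggregations, while `text` supports full-text search on the log line.

```json
{
  "mappings": {
    "_meta": {
      "note": "Constructed example, not Axual's mapping; field names are assumptions"
    },
    "dynamic": false,
    "properties": {
      "@timestamp":     { "type": "date" },
      "container_name": { "type": "keyword" },
      "container_id":   { "type": "keyword" },
      "source":         { "type": "keyword" },
      "log": {
        "type": "text",
        "fields": {
          "raw": { "type": "keyword", "ignore_above": 1024 }
        }
      }
    }
  }
}
```

With `dynamic` set to `false`, fields that are not listed stay in `_source` but are not indexed, so they cannot be searched or aggregated on.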