Operations | Monitoring | ITSM | DevOps | Cloud

September 2020

Elastic Stack Monitoring with Elastic Cloud on Kubernetes

Elastic Cloud on Kubernetes (ECK) is the official operator for provisioning Elastic Stack deployments in Kubernetes. It orchestrates not only day-one provisioning, but also has the processes and best practices for day-two management and maintenance baked in. If you want to run your own Elastic Stack deployment on Kubernetes, then look no further than ECK!

Putting anomalies into context with custom URLs in Kibana

Machine learning in the Elastic Stack provides you with an intuitive way to detect anomalies in vast data sets. But even the most sophisticated anomaly detection job might not reveal the root cause of anomalous behavior. After an anomaly is detected, you may need to dive into further analysis, review multiple corresponding metrics, and investigate how they relate to the anomalous spike.

Monitoring infrastructure and microservices with Elastic Observability

Trends in the infrastructure and software space have changed the way we build and run software. As a result, we have started treating our infrastructure as code, which has helped us lower costs and get our products to market more quickly. These new architectures also give us the ability to test our software faster in production-like deployments, and generally deliver more stable and reproducible deployments.

The Go client for Elasticsearch: Working with data

In our previous two blogs, we provided an overview of the architecture and design of the Elasticsearch Go client and explored how to configure and customize the client. In doing so, we pointed to a number of examples available in the GitHub repository. The goal of these examples is to provide executable "scripts" for common operations, so it's a good idea to look there whenever you're trying to solve a specific problem with the client.

Monitoring Java applications with Elastic: Multiservice traces and correlated logs

In this two-part blog post, we’ll use Elastic Observability to monitor a sample Java application. In the first blog post, we started by looking at how Elastic Observability monitors Java applications. We built and instrumented a sample Java Spring application composed of a data-access microservice supported by a MySQL backend. In this part, we’ll use Java ECS logging and APM log correlation to link transactions with their logs.

Enriching data with GeoIPs from internal, private IP addresses

For public IPs, it is possible to create tables that will specify which city specific ranges of IPs belong to. However, a big portion of the internet is different. There are company private networks with IP addresses of the form 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 scattered in every country in the world. These IP addresses tend to have no real information for the geographic locations.

How to set up OpenID Connect on Elastic Cloud with Azure, Google, or Okta

OpenID Connect (OIDC) is an authentication layer based on the OAuth 2.0 protocol that provides a way to identify and authenticate users via an authorization server. OAuth 2.0 authorization servers are managed by identity providers. In the domain associated with OIDC, they are also called OpenID Connect Providers (OPs). OIDC allows users to connect to web applications in a simplistic single sign-on (SSO) manner thanks to the identity provider.

Elastic Workplace Search and Gmail: Unified search across all your content

As work from home has ballooned in 2020, virtual methods for communicating with colleagues have become more critical than ever. Same goes for all the useful productivity and collaboration tools at our disposal. The emerging downside is the difficulty of finding needed information among so many tools. Compounding the problem is the tendency for info to get siloed off by department.

Snapshot Lifecycle Management - Sept 9, 2020 Elastic Meetup

Snapshot Lifecycle Management (SLM) allows you to set up snapshot lifecycle policies to automate the timing, frequency, and retention of snapshots. In this talk we will cover the basics of registering a repository, setting up a snapshot policy and taking the test snapshots. If you are aware of the necessity of taking frequent snapshots for high availability/disaster recovery and you’ve been looking for a way to automate the whole process - then SLM is the right tool for you!

Automate Elastic Cloud workflows using an SDK and Elasticsearch Service API

We recently announced the general availability of our Elasticsearch Service API. APIs help to automate tasks such as creating and scaling deployments, integrating with existing workflows, and testing. The Elasticsearch Service API supports the OpenAPI Specification, which allows you to use tools like Swagger to generate software development kits (SDKs) in any programming language. You can import the API spec into Postman and create a Postman Collection to create a test suite.

The Go client for Elasticsearch: Configuration and customization

In a previous blog, we saw that the seemingly simple job of an Elasticsearch client — moving data between the calling code and the cluster — is actually quite complicated under the hood. Naturally, as much as we try to make the default behaviour of the client optimal for the majority of scenarios, there are situations where you want to configure, customize, or enable/disable certain features.

Bring new insights to your IP analytics with a global administrative layer in Elastic Maps

We love maps at Elastic. In the Elastic Stack, there is one core component of all data we visualize using maps: Location. Location can mean reporting real-time positions of fleet vehicles, using a geofence for limiting search results, gauging application performance metrics from a geographic area, or identifying security threats by attaching geographic coordinates to IP addresses.

Debugging broken grok expressions in Elasticsearch ingest processors

In two previous posts, we covered structuring data with grok and building custom grok patterns. But what happens if you just can’t get your grok patterns to work? In this article, we’re going to use Kibana’s Grok Debugger to help us debug a broken grok pattern. The divide-and-conquer method described below should help you to quickly find the reason that a given grok pattern is not matching your data.

Monitoring Java applications with Elastic: Getting started with the Elastic APM Java Agent

The goal of Java application monitoring is to minimize the time it takes to discover a problem with a Java application (mean time to detect, or MTTD) and the time it takes to recover from it (mean time to resolve, or MTTR). Understanding what's going on in our code is the biggest step in finding and eliminating the root cause of a problem, and let's face it — that code that seemed clear and concise when we wrote it a year ago might not be as "self documenting" as we thought.

Announcing the Elastic Contributor Program

Open source contributions are foundational to Elastic — from Elasticsearch’s Apache Lucene core to the addition of open source Logstash and Kibana to form the Elastic Stack you’ve come to know and love. Over the years, the Elastic community has created over 90 Beats, shared use case tutorials like those from Volvo, T-Mobile, and Microsoft, and presented at hundreds upon hundreds of meetups.

Bold, insightful, real-time: Visualizing APM data with Canvas in Kibana

Since we launched Canvas in 2018, we have seen tons of our users create beautiful dashboards that tell stories with Elasticsearch data. In the spirit of making it even easier to get started, we are creating templates that you can import and get instantly beautiful dashboards for all the data the Elastic Stack captures.