Sometimes it’s hard to see the forest for the trees. As a newbie in the world of the ELK Stack, you may be feeling overwhelmed by the number of articles and tutorials on the Web. But even more grown ELKs have been known to wander lost among the trees.
At Logz.io, we’ve compiled a number of ELK guides to help beginners to hit the ground running, but there are some additional excellent resources out there containing extremely valuable information. This article lists ten resources that we believe you must read if you’re doing ELK. We’ve listed public sites, company blogs, and personal sites. We hope you find it helpful!
The Elastic site has the content one would expect from the commercial entity behind the ELK Stack. From getting started guides explaining how to install and set up each of the stack’s components to videos, user stories and forums — the Elastic site must be among the first sources of information to explore when starting out with the stack. Familiarize yourself with the various pages; your logs depend on it!
EagerElk is an excellent blog containing information for slightly more advanced users. Written by Jurgens du Toit, this blog details the author’s lessons learned from years of experience working with Elasticsearch, Logstash, and Kibana. The blog also contains a series of white papers and a list of links leading to additional sources of information. Jurgens also contributed an Elasticsearch tutorial, Logstash tutorial, and a guide to Elasticsearch queries to the Logz.io Blog.
3. Technology Explained
This personal blog by Alexandre Lourenco contains some extremely useful posts on Elasticsearch but also shows how to set up a centralized logging system with the ELK Stack. Some of the commands need to be updated to reflect the latest versions of the stack, but as a whole, the articles are well worth the extra copy-paste needed to complete the steps.
4. Tim Roes’ Blog
Tim Roes has put together an excellent compilation of articles describing how to work with Kibana — the pretty face of the ELK Stack. His four-part Kibana tutorial provides a good way to get acquainted with the basics, and the more advanced “Writing Kibana Plugins” series takes it up a notch by explaining how to customize Kibana for your own environment.
Much has been written on the wealth of technical ELK information to be found on StackOverflow, and yet it still seems that people underestimate this treasure trove. As you venture into the world of ELK, you will undoubtedly encounter problems and issues. But do not despair! Remember, hundreds of thousands of people download ELK each year, and there is a huge chance someone else has encountered the same issue that you’re experiencing. And if not, a dedicated community of ELKers will be quick to answer any new question.
DigitalOcean provides excellent step-by-step tutorials that often rank among the first results when searching for an ELK-related topic on Google. Especially useful are the installation tutorials, which specify the exact requirements you need to set up the entire ELK Stack together with guidelines for shipping specific types of logs. Here, for example, is a tutorial describing how to install the stack on Ubuntu 14.04 with Nginx. While a touch too lengthy, these how-tos are extremely detailed and cover all the bases.
DZone contains a large number of technology-related articles that cover a wide array of topics. An ELK-related article written by experienced ELKers is published almost every week, and taken together these comprise a solid database of articles to learn from. The articles are a bit scattered, so you will need to search for the specific topic in which you’re interested.
Reddit is one of my favorite sources of information on ELK-related topics, if not the most useful. To stay up-to-date with the latest developments in the world of ELK, I recommend subscribing to most if not all of the following subreddit groups: Elasticsearch, Elastic, ELK Stack, Kibana, and Logstash (the last two are not very active but are worth monitoring just in case).
While not the most obvious place to look for information about how to use the ELK Stack, the Elasticsearch, Logstash and Kibana repos on GitHub can provide information on open issues and their status. Of course, when you become a fully grown ELKer, this is the place to contribute back to the community. If you have a few minutes to spare, it’s always a nice exercise to measure the strength of a community by checking out GitHub graphs!
Ah, yes. We couldn’t let this one pass. As mentioned above, we’ve put a lot of effort into putting together some in-depth resources on using the ELK Stack that our readers enjoy reading. For those beginning their long and winding ELK path, it’s worth highlighting The Definitive Guide to AWS Log Analytics Using ELK and The Complete Guide to the ELK Stack — the latter of which is a compilation of getting started and best practice articles written by six different writers. And there are some other interesting posts I’ll let you discover on your own.
This list is by no means complete. We know there are other resources out there, so please feel free to comment below so our next article in the series will be able to list the top 50 resources!