Elasticsearch is a powerful search engine developed in Java, with clients available for many of the major languages. Data is stored as JSON documents and can be searched easily and quickly via an HTTP interface. Elasticsearch is commonly run together with Logstash, for collecting and processing logs, and Kibana, for visualizing the data. This combination is referred to as the Elastic Stack, and Elasticsearch's role in the stack is to store the data and make it searchable.
When dealing with multiple servers, and especially in a high-availability environment, handling logs can get quite complex. It can become difficult to debug with logs spread out over multiple servers, and this is one of the problems that Logstash attempts to address. Logstash is also part of the ELK (Elasticsearch, Logstash, and Kibana) Stack, lately referred to as the Elastic Stack, whose components together form a very powerful tool for managing, reading and visualizing logs and data. In the Elastic Stack series, we are going to have a look at each of the tools and go through some best practices.