Elasticsearch is a database which is used to store, retrieve and manage document-oriented and semi-structured data. This allows you to search and analyze data in real time.
When it comes to using Elasticsearch, there are 3 main components.
Elasticsearch is where the data is stored. As mentioned above, it acts as the database.
Logstash is typically used to publish data (logs) to Elasticsearch.
Kibana is the dashboard component which is used to view the published data via a beautiful graphical interface.
Together, these 3 components are known as ELK.
From the official Elasticsearch website you can download these 3 components as separate products and configure them yourself.
AWS makes things simpler: you do not need to create your Elasticsearch cluster manually. AWS provides it as a service and maintains it for you.
How to create an Elasticsearch cluster in AWS?
Log in to your AWS Management Console and navigate to the Elasticsearch service page.
Click on “Create a new domain”.
Select the preferred deployment type and the Elasticsearch version. The latest Elasticsearch version that AWS offers is 6.4.
Enter a domain name, choose the instance type on the page shown, and click Next.
Here you have to set up access, so that only a specific set of users can reach your Elasticsearch cluster. Access can be restricted to a VPC or an IAM role. Once you have configured who can access the cluster, click Next and confirm.
It will take around 10 minutes to create the cluster.
Once the cluster has been created, you can view the endpoints for Elasticsearch and Kibana.
Logstash can use these endpoints to publish your data to Elasticsearch.
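One way to review the access policy from the access set-up step before confirming it, as an added example that is not part of the original post: the function flags Allow statements that grant access to any principal without a source-IP restriction. The policies, account ID, domain name and role name are constructed placeholders, and only the aws:SourceIp condition is evaluated.

```python
import json

# Constructed sample policies; account ID, domain and role names are placeholders.
RESOURCE = "arn:aws:es:us-east-1:123456789012:domain/example-domain/*"
OPEN_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "es:*", "Resource": RESOURCE}]})
ROLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::123456789012:role/example-logstash-role"},
     "Action": "es:ESHttp*", "Resource": RESOURCE}]})
IP_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "es:*",
     "Resource": RESOURCE,
     "Condition": {"IpAddress": {"aws:SourceIp": ["203.0.113.0/24"]}}}]})


def _is_wildcard(principal):
    """True when the Principal matches any caller ("*" or {"AWS": "*"})."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        aws = [aws] if isinstance(aws, str) else aws
        return "*" in aws
    return False


def open_statements(policy_json):
    """Return indexes of Allow statements usable by any caller from any address."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow" or not _is_wildcard(stmt.get("Principal")):
            continue
        ips = stmt.get("Condition", {}).get("IpAddress", {}).get("aws:SourceIp", [])
        ips = [ips] if isinstance(ips, str) else ips
        # Flag when there is no source-IP limit, or one that covers every address.
        if not ips or any(ip.endswith("/0") for ip in ips):
            findings.append(i)
    return findings


if __name__ == "__main__":
    for name, pol in [("open", OPEN_POLICY), ("role", ROLE_POLICY), ("ip", IP_POLICY)]:
        print(name, open_statements(pol) or "ok")
```

A domain restricted to a VPC is reached through the VPC's network controls instead, so this check applies to domains with a public endpoint.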
See you soon with the next blog on how to configure Logstash to publish your logs to Elasticsearch.