This page shows you how to use the ELK stack InstantApp on your C1 server. ELK stack is an environment that lets you collect and visualize your logs with:
- You have an account and are logged into cloud.scaleway.com
- You have configured your SSH Key
There are three steps to deploy the ELK stack InstantApp
First, we need to create a new server using the ELK stack InstantApp. Click the “Create Server” button in the control panel.
You land on the server creation page where you must input information and choose an image.
After entering your server's basic information, select the ELK stack image for your server.
On the ImageHub tab, select ELK stack and click the “Create Server” button.
The server will be created with a ready-to-use installation of Elasticsearch, Kibana and Logstash.
In this tutorial we will see how to track syslog data and visualize it in Kibana.
Let’s start by creating a new configuration file to collect system logs. Open a new file at /etc/logstash/conf.d/logstash-syslog.conf and fill it with the following:
The configuration above tells Logstash to collect all files with the .log extension in
Next, we will create a filter to prevent Elasticsearch from storing logs in the message field and to simplify the analysis.
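As an added example (not the tutorial's original file), here is a logstash-syslog.conf covering both steps above: the file input and a filter that splits each syslog line into separate fields. The /var/log path, the syslog_* field names and the presence of an Elasticsearch output elsewhere in the image's Logstash configuration are assumptions.

```logstash
# Added example, not the original tutorial's configuration.
input {
  file {
    # Assumption: system logs are read from /var/log.
    path => "/var/log/*.log"
    # Tag events so the filter below only touches these logs.
    type => "syslog"
  }
}

filter {
  if [type] == "syslog" {
    # Split the raw line into timestamp, host, program, pid and text
    # so Kibana can filter on each field instead of one opaque string.
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
    }
    # Use the time written in the log line as @timestamp,
    # not the time Logstash happened to read the file.
    date {
      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    }
  }
}

# Assumption: an output section sending events to Elasticsearch
# already exists in the configuration shipped with the image.
```

Lines that do not match the pattern are tagged _grokparsefailure by the grok filter, so searching for that tag in Kibana shows which logs are still stored unparsed.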
Restart Logstash to apply our changes:
service logstash restart
System logs are now collected and stored in Elasticsearch, and you can visualize them with Kibana. Open a browser and go to http://<your_server_public_ip>. You are asked for a login and password. You can find them in the message of the day (MOTD) displayed when you connect to your server.
You land on the Kibana homepage and are asked to configure an index pattern. Index patterns are used to identify the Elasticsearch index to run search and analytics against.
To create the first index, select @timestamp from the Time-field-name menu and click the Create button.
On the top navigation bar, click the Discover tab.
All the collected logs are displayed here, along with a histogram representing the log activity.
It is your turn now! Start playing with Kibana, create graphics and filters on your logs :)
ELK stack lets you search and analyze your data with ease. From here you can go deeper and create a more complex configuration. For instance, you can use logstash-forwarder, which lets you collect logs from remote servers and send them to Logstash.
If you have any suggestions or questions about this documentation, please leave a comment.