You're reading from Monitoring Elasticsearch

Product type: Book
Published in: Jul 2016
Publisher: Packt
ISBN-13: 9781784397807
Edition: 1st Edition
Authors (3):

Dan Noble
About the Author

Dan is a software engineer with a passion for writing secure, clean, and articulate code. He enjoys working with a variety of programming languages and software frameworks, particularly Python, Elasticsearch, and frontend technologies. Dan currently works on geospatial web applications and data processing systems. Dan has been a user and advocate of Elasticsearch since 2011. He has given talks about Elasticsearch at various meetup groups, and is the author of the Python Elasticsearch client “rawes.” Dan was also a technical editor for the Elasticsearch Cookbook, Second Edition, by Alberto Paro (ISBN: 1783554835).

Acknowledgements

I would like to thank my beautiful wife, Julie, for putting up with me while I wrote this book. Thanks for supporting me every step of the way. I would also like to thank my friends and colleagues James Cubeta, Joe McMahon, and Mahmoud Lababidi, who shared their insight, time, and support. I would like to give a special thanks to Abe Usher – you have been an incredible mentor over the years. Finally, thanks to everyone at Packt Publishing for helping to make this book happen. A special thanks to Merint Mathew, Sonali Vernekar, Husain Kanchwala, and Amey Varangaonkar for your valuable and careful feedback.

Chapter 5. System Monitoring

The previous two chapters focused on Elasticsearch monitoring tools, including Elasticsearch-head, Bigdesk, and Marvel. This chapter will introduce another monitoring tool, Kopf. We will also discuss Elasticsearch, Logstash, and Kibana (ELK), Nagios, and various GNU/Linux command line tools in terms of general purpose system monitoring.

This chapter covers these topics:

  • Monitoring Elasticsearch with Kopf

  • Configuring an Elasticsearch, Logstash, and Kibana (ELK) stack for system log file aggregation and analysis

  • System-level monitoring of a cluster using Nagios

  • GNU/Linux command line tools for system and process management

Working with Kopf


Kopf is a web-based cluster management tool like Elasticsearch-head, but has a more modern look and a few different features. With Kopf, users can check the state of nodes and indices, run REST queries, and perform basic management tasks.

Installing Kopf

Kopf works on Elasticsearch 0.90.x and up. Use the following table to determine which Kopf version is best suited to your cluster:

Elasticsearch Version    Kopf Branch
0.90.x                   0.90
1.x                      1.0
2.x                      2.0

To install Kopf, follow these steps:

  1. Install Kopf on at least one node in your cluster as an Elasticsearch plugin with the following command, replacing {branch} with the value from the branch column in the preceding table:

    $ sudo /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf/{branch}
    

    This example will install Kopf on elasticsearch-node-01. Since this node is running Elasticsearch 2.3.2, the command will look like this:

    $ sudo /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf/2.0
    
  2. To...
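The branch choice in step 1 is easy to get wrong when a cluster has been upgraded piecemeal, so it is worth reading the version off the node rather than remembering it. The following shell script is an added example, not code from the book or from the Kopf project: it extracts version.number from the JSON a node returns on GET / (the root endpoint on port 9200), maps it to the Kopf branch from the table above, and prints the matching plugin command. The node response embedded below is a constructed sample; a live run would obtain it with curl as noted in the comments.

```shell
#!/bin/sh
# Added example (not from the book): pick the Kopf branch that matches the
# Elasticsearch version a node reports, then build the plugin install command.

# Map an Elasticsearch version string to the Kopf branch from the table above.
# Returns 1 for versions the table does not cover, so callers stop early
# instead of installing a plugin built for a different major version.
kopf_branch() {
  case "$1" in
    0.90.*) echo "0.90" ;;
    1.*)    echo "1.0" ;;
    2.*)    echo "2.0" ;;
    *)      return 1 ;;
  esac
}

# Extract version.number from the JSON a node returns on GET / (port 9200).
# A minimal sed match is used so the script has no jq dependency.
es_version_from_info() {
  printf '%s\n' "$1" \
    | sed -n 's/.*"number"[[:space:]]*:[[:space:]]*"\([0-9][0-9.]*\)".*/\1/p' \
    | head -n 1
}

# Compose the plugin command for a given version; prints nothing and fails
# if the version is unsupported. The plugin path is the one used in the book.
kopf_install_command() {
  branch=$(kopf_branch "$1") || return 1
  printf 'sudo /usr/share/elasticsearch/bin/plugin install lmenezes/elasticsearch-kopf/%s\n' "$branch"
}

# Constructed sample of what elasticsearch-node-01 might answer on GET /
# (the field layout follows Elasticsearch's root endpoint; values are made up).
SAMPLE_INFO='{
  "name" : "elasticsearch-node-01",
  "cluster_name" : "elasticsearch",
  "version" : {
    "number" : "2.3.2",
    "build_hash" : "0000000",
    "lucene_version" : "5.5.0"
  },
  "tagline" : "You Know, for Search"
}'

# Live usage would replace SAMPLE_INFO with: curl -s http://localhost:9200/
version=$(es_version_from_info "$SAMPLE_INFO")
echo "Detected Elasticsearch $version"
kopf_install_command "$version"
```

Because kopf_install_command only prints the command, it can be reviewed (or fed into a configuration management tool) before anything is installed; a node running a version outside the table produces no command at all rather than a guess.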

Working with Logstash and Kibana


Logstash is a utility for aggregating and normalizing log files from disparate sources and storing them in an Elasticsearch cluster. Once logs are stored in Elasticsearch, we will use Kibana, the same tool Marvel's user interface is built on, to view and explore our aggregated logs.

ELK

The Elasticsearch community refers to the Elasticsearch, Logstash, and Kibana tool combination as the ELK stack. This section shows how to load NGINX server logs into ELK, but there are many other potential use cases for these technologies.

ELK can help us explore NGINX server logs by:

  • Visualizing server traffic over time

  • Plotting server visits by location on a map

  • Searching logs by resource extension (HTML, JS, CSS, and so on), IP address, byte count, or user-agent strings

  • Discovering web requests that result in internal server errors

  • Finding attackers in a distributed denial of service attack

Other uses for ELK include:

  • Logging all Elasticsearch queries in a web application for future...
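To make the NGINX questions above concrete before any log reaches Logstash, the following shell script is an added example (not code from the book or from the ELK projects) that answers several of them with awk over a constructed sample of NGINX's default combined log format. It assumes the standard field order of that format and request paths without spaces, so that when a line is split on whitespace field 1 is the client IP, field 7 the request path, field 9 the status code and field 10 the byte count; the addresses and requests in the sample are made up.

```shell
#!/bin/sh
# Added example (not from the book): the NGINX questions from the text,
# answered directly from combined-format access log lines with awk.
# Assumed field layout (whitespace split): $1 client IP, $7 request path,
# $9 status code, $10 body bytes; the user-agent is the last quoted field.

# Constructed sample log (RFC 5737 documentation addresses, made-up requests).
SAMPLE_LOG='203.0.113.10 - - [12/Jul/2016:10:15:01 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.10 - - [12/Jul/2016:10:15:02 +0000] "GET /static/app.js HTTP/1.1" 200 81920 "http://example.com/index.html" "Mozilla/5.0"
198.51.100.7 - - [12/Jul/2016:10:15:03 +0000] "POST /api/search HTTP/1.1" 500 312 "-" "curl/7.47.0"
198.51.100.7 - - [12/Jul/2016:10:15:04 +0000] "GET /style.css HTTP/1.1" 304 0 "-" "Mozilla/5.0"
192.0.2.44 - - [12/Jul/2016:10:15:05 +0000] "GET /api/search?q=elk HTTP/1.1" 502 0 "-" "python-requests/2.9"
192.0.2.44 - - [12/Jul/2016:10:15:05 +0000] "GET / HTTP/1.1" 200 1024 "-" "python-requests/2.9"
192.0.2.44 - - [12/Jul/2016:10:15:06 +0000] "GET / HTTP/1.1" 200 1024 "-" "python-requests/2.9"'

# Requests that ended in a 5xx response (internal server errors and friends).
server_errors() {
  awk '$9 ~ /^5[0-9][0-9]$/'
}

# Hit count per client IP, busiest first. A few addresses dominating this
# list is the first thing to check when traffic spikes unexpectedly.
hits_per_ip() {
  awk '{ count[$1]++ } END { for (ip in count) print count[ip], ip }' | sort -rn
}

# Requests for resources with a given extension (js, css, html, ...),
# ignoring any query string on the path.
requests_by_extension() {
  awk -v ext="$1" '{ path = $7; sub(/\?.*/, "", path); if (path ~ ("\\." ext "$")) print }'
}

# Bytes sent per user-agent string, largest first. Splitting on the double
# quote makes $3 the " status bytes " segment and $6 the user-agent.
bytes_per_user_agent() {
  awk -F'"' '{ split($3, s, " "); bytes[$6] += s[2] }
             END { for (ua in bytes) print bytes[ua], ua }' | sort -rn
}

echo "== 5xx responses =="
printf '%s\n' "$SAMPLE_LOG" | server_errors
echo "== hits per IP =="
printf '%s\n' "$SAMPLE_LOG" | hits_per_ip
echo "== JavaScript requests =="
printf '%s\n' "$SAMPLE_LOG" | requests_by_extension js
echo "== bytes per user-agent =="
printf '%s\n' "$SAMPLE_LOG" | bytes_per_user_agent
```

Each function reads log lines on standard input, so the same filters work on a real file (for example, `server_errors < /var/log/nginx/access.log`). In ELK these become Kibana searches on the fields Logstash extracts; the awk versions are handy for a quick look on a single host before the pipeline is in place.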

Working with Nagios


Nagios is a system monitoring and alerting tool. This section will focus on configuring a simple Nagios installation that monitors the nodes in our Elasticsearch cluster, as well as the Elasticsearch process on those nodes. If a node or process shuts down, Nagios will send us an alert.

It's a good idea to install Nagios on a host outside of the Elasticsearch cluster so that events on the cluster itself, such as high Elasticsearch load, cannot interfere with the monitoring process. Create a new host for Nagios and call it elasticsearch-nagios-01.

Installing Nagios

In addition to the dedicated Nagios host, elasticsearch-nagios-01, install the Nagios Remote Plugin Executor (NRPE) server on all of the Elasticsearch cluster nodes in order to monitor the Elasticsearch process. Follow these steps:

  1. Run the following command on each of the Elasticsearch nodes: elasticsearch-node-01, elasticsearch-node-02, elasticsearch-node-03, and elasticsearch-marvel-01:

    sudo apt-get install...
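Process and host checks tell Nagios whether Elasticsearch is running, but not whether the cluster is healthy. The following shell script is an added example, not code from the book or from Nagios, of a minimal Nagios-plugin-style check that could be run through NRPE on a node: it reads the cluster health colour from a GET /_cluster/health response and returns the exit codes Nagios interprets (0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN). The health response embedded below is a constructed sample; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the book): a minimal Nagios-plugin-style check that
# turns an Elasticsearch cluster health response into the exit codes Nagios
# understands (0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN). Intended to be run
# by NRPE on a node; the JSON parsing is deliberately dependency-free.

# Pull the "status" value out of a GET /_cluster/health response body.
health_status() {
  printf '%s\n' "$1" \
    | sed -n 's/.*"status"[[:space:]]*:[[:space:]]*"\([a-z]*\)".*/\1/p' \
    | head -n 1
}

# Map the colour to a Nagios exit code. Anything unexpected (empty body,
# connection refused, an error document) becomes UNKNOWN rather than OK,
# so a broken check never silently reports a healthy cluster.
health_to_exit_code() {
  case "$1" in
    green)  return 0 ;;
    yellow) return 1 ;;
    red)    return 2 ;;
    *)      return 3 ;;
  esac
}

# The one-line plugin output Nagios shows in its UI and in notifications.
health_message() {
  case "$1" in
    green)  echo "OK - cluster health is green" ;;
    yellow) echo "WARNING - cluster health is yellow (replica shards unassigned)" ;;
    red)    echo "CRITICAL - cluster health is red (primary shards unassigned)" ;;
    *)      echo "UNKNOWN - could not read cluster health" ;;
  esac
}

# Full check: classify the body, print the message, return the exit code.
# Taking the body as an argument lets the fetch be swapped for a sample.
check_cluster_health() {
  status=$(health_status "$1")
  health_message "$status"
  health_to_exit_code "$status"
}

# Constructed sample response (field layout follows /_cluster/health; values made up).
SAMPLE_HEALTH='{"cluster_name":"elasticsearch","status":"yellow","timed_out":false,"number_of_nodes":3,"number_of_data_nodes":3,"active_primary_shards":10,"active_shards":10,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":10}'

# On a real node the body would come from the local instance, e.g.:
#   body=$(curl -sf --max-time 5 http://localhost:9200/_cluster/health) || body=""
# A failed fetch leaves the body empty, which the check reports as UNKNOWN.
check_cluster_health "$SAMPLE_HEALTH"
code=$?
echo "plugin exit code: $code"
```

In a real deployment the last three lines would be replaced by `check_cluster_health "$body"` followed by `exit $?`, so NRPE receives the status directly; the short curl timeout matters because a hung check is otherwise indistinguishable from a healthy one until Nagios's own timeout fires.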

Command line tools for system and process management


The command line is an invaluable tool for system monitoring. In this section, we'll go over a few basic GNU/Linux command line utilities for system and process management. Knowing these tools is essential for anyone managing an Elasticsearch cluster on GNU/Linux.

top

The top command lists the processes using the most CPU and memory. This tool is useful for determining whether a process other than Elasticsearch is hogging resources, or for checking whether Elasticsearch is using an abnormal amount of CPU or memory.

The top command refreshes automatically, so you only have to run it once and watch.

When running the command, you should see the following result:

[Figure: The top command]

Tip

Press Shift+M while top is running to sort processes by those using the most memory instead of CPU.

tail

The tail -f command is useful for viewing log files in real time. Use it to view Elasticsearch log files as follows:

tail -f /var/log/elasticsearch/*

"tailing" Elasticsearch log...

Summary


This chapter examined the Elasticsearch monitoring tool Kopf, the Elasticsearch, Logstash, and Kibana (ELK) log aggregation stack, the system monitoring tool Nagios, and various GNU/Linux command line utilities.

Some takeaways are:

  • Kopf is an Elasticsearch monitoring tool similar to Elasticsearch-head, but provides a few different metrics.

  • The Elasticsearch, Logstash, and Kibana (ELK) stack is a tool for searching, analyzing, enriching, and visualizing log files.

  • Consider using a tool such as Nagios to monitor an Elasticsearch cluster. Nagios can be configured to send out email notifications when a process goes down or if the node itself goes down.

  • Using a few GNU/Linux command tools, we can gather many of the same metrics provided by the various Elasticsearch monitoring tools.

The next chapter will discuss troubleshooting Elasticsearch performance and reliability issues. The monitoring tools discussed in this chapter will be useful when tackling the real-world problems outlined in upcoming...
