Configuring the ELK stack for logging and dashboardsThe YOUnite ecosystem uses the Open Source Elastic Stack (https://www.elastic.co/products) to log (Logstash), search (Elasticsearch), analyze, and visualize (Kibana) all API requests and message bus traffic.
For development, we use a the combined ELK Elastic stack Docker image which that contains Elastic, Logstash, and KIbana in one imageKibana is used. However, for production deployments, it is suggested that an organization run a three-node cluster; this requires purchasing three node licenses from Elastic.
Configuring the Elastic stack for l]Logging and Dashboards.
The default docker-compose.yml file contains most of the required configuration, with the exception of some configuration required for the elastic portion and the kibana portionElastic and Kibana portions.
Elastic-specific configuration is in the elasticsearch.yml file. In the dev environment, this is done via /open-mdm/docker/elk/elasticsearch.yml, currently .
Currently the changes to the elasticsearch.yml file from the defaults are:
- action.auto_create_index: -mdm-* This is added to disallow the creation if of indices on the fly, forcing mdmMDM's logging system to create the index definition with the appropriate mappings. This may change if templates templates are used for the mappings, depending on how we choose to handle changes when future versions roll out.
Kibana-specific configuration is in the kibana.yml file.:
- elasticsearch.url: http://elk:9200 This is added to force kibana Kibana to go back through the oauth OAuth proxy for hits to elasticElastic, instead of the default of localhost. Elk is the The name of the oauth OAuth proxy in front is from of the "elk-backend, which is " (the actual, combined ELK image.Elastic stack image) is "elk."