Elastic

Elastic Search Integration

Elasticsearch is an open-source, distributed, document storage and search engine that stores and retrieves data structures in near real-time. Elasticsearch represents data in the form of structured JSON documents and makes full-text search accessible via RESTful API and web clients for languages like PHP, Python, and Ruby. It’s also elastic in the sense that it’s easy to scale horizontally—simply add more nodes to distribute the load.

Integration of Elasticsearch (ELK Stack):

a. Prerequisites

  • The Elasticsearch host / ELK stack must be up and running for this integration.
  • Please refer to this link to deploy the ELK stack in your environment: link.

b. Steps to Integrate:

  • Go to Channel Integration.
  • Click Integrate Now on Elastic Search.
  • Enter the following details to configure Elastic Search:

    • Integration Name: Enter a name for the integration. You can set any name. e.g., Test Elastic
    • Elastic Host: Enter the Elasticsearch host name. e.g., http://elasticsearch.organisation.com/
    • Username: Enter the Elastic Search username created while deploying the ELK stack. e.g., elasticxxxx
    • Password: Enter the password for the same ELK deployment. e.g., elasticxxxx
    • Mount Path: Enter the mount path of your logs, which will be passed to FileBeat as input. e.g., /path/log/var
    • Index Name: Optional field to specify the particular index under which the logs pushed to Elastic can be searched. e.g., main
    • Index Type: Optional field to specify the log type being pushed to Elastic. e.g., _json
  • Click Test to check whether the entered details are valid. If you receive Test Successful, you have entered valid Elastic credentials.

  • Click Save to save the Integration.
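
Before clicking Test, the field values can be checked offline. The following is an added example, not part of the product or of this page's original text: the dictionary keys and the `preflight` function are hypothetical names, the sample values are the page's own examples, and the rule that Mount Path must be absolute is an assumption. It flags an `http://` host, because basic-auth credentials then cross the network unencrypted, and applies Elasticsearch's index-naming rules to Index Name.

```python
from urllib.parse import urlparse

# Characters Elasticsearch rejects in index names.
_BAD_INDEX_CHARS = set('\\/*?"<>| ,#:')

# Constructed sample built from the example values shown in the steps above.
SAMPLE = {
    "elastic_host": "http://elasticsearch.organisation.com/",
    "username": "elasticxxxx",
    "password": "elasticxxxx",
    "mount_path": "/path/log/var",
    "index_name": "main",
}

def preflight(cfg):
    """Return a list of (severity, message) findings for the integration fields."""
    findings = []
    url = urlparse(cfg.get("elastic_host", ""))
    if url.scheme not in ("http", "https") or not url.hostname:
        findings.append(("error", "Elastic Host must be an http(s) URL with a host name"))
    elif url.scheme == "http":
        findings.append(("warn", "Elastic Host uses http: username and password are sent unencrypted"))
    if url.username or url.password:
        findings.append(("error", "put credentials in Username/Password, not in the host URL"))
    for field in ("username", "password"):
        if not cfg.get(field):
            findings.append(("error", f"{field} is empty"))
    # Assumption: the log mount path handed to FileBeat is absolute and has no '..' segments.
    path = cfg.get("mount_path", "")
    if not path.startswith("/") or ".." in path.split("/"):
        findings.append(("error", "Mount Path must be an absolute path without '..'"))
    index = cfg.get("index_name")
    if index:  # optional field
        if (index != index.lower() or index in (".", "..") or index[0] in "-_+"
                or _BAD_INDEX_CHARS & set(index) or len(index.encode()) > 255):
            findings.append(("error", f"Index Name {index!r} is not a valid Elasticsearch index name"))
    return findings

if __name__ == "__main__":
    for severity, message in preflight(SAMPLE):
        print(f"{severity}: {message}")
```
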