ELK 4 days - up1/training-courses GitHub Wiki
Outline
Day 1
- Introduction
  - Elastic Stack Overview (ELK)
  - Elasticsearch
  - Logstash
  - Beats
  - Kibana
- Elasticsearch
  - What and Why
  - Terminology: Documents, Index, Shards, Node, Cluster, Scale Up/Out
  - Data modeling for Elasticsearch
  - CRUD operations
  - Query data
  - Aggregate data
  - Indexing data
  - Update data
  - Delete data
- Kibana
  - What and Why
  - Configuration Settings
  - Time Picker, Search, and Filters
  - Kibana Discover, Visualization, and Dashboard Interfaces
  - Installation and configuration
  - Backup and restore
  - Cluster and availability nuances
  - Best practices
Day 2
- Operate: Configuring & Deploying
  - Configuring Elasticsearch
  - Deploying Elasticsearch
  - Workshop
- Node: Discovery, Types, and Cluster State
  - Distributed Model and Discovery
  - Master, Data, Client, and Tribe Nodes
  - Master Election and Minimum Master Nodes
  - Cluster State
  - Shard Allocation
  - Workshop
- Backup: Snapshot and Restore
  - High Availability vs. Backup
  - Repository, Snapshot, and Restore
  - Workshop
Day 3
- Production Monitoring
  - Alerting Best Practices
  - JVM
  - Query Performance
  - Thread Pools
  - Diagnosing Problems
  - Workshop
- Production Operational Best Practices
  - Memory
  - Networking
  - Disk
  - Security
  - Cluster Restart (Rolling and Full)
  - Workshop
Day 4
- Logstash
  - What and Why
  - Configuration
  - Inputs, Filters, and Outputs
  - Installation and configuration
  - Workshop
- Filebeat
  - Logs and problems
  - Filebeat architecture
  - Installation and configuration
  - Workshop