📢📢📢： 先看关键单词，再看英文，最后看中文总结，再回头看一遍英文原文，效果更佳！！

关键词

aggregate	聚合	/ˈæɡrɪɡeɪt/
analytics	分析学	/ˌænəˈlɪtɪks/
destination	目的地	/ˌdɛstɪˈneɪʃən/
distributed	分布式的	/dɪˈstrɪbjutɪd/
elasticsearch	弹性搜索	/ɪˈlæstɪksɜːrtʃ/
ingestion	摄取	/ɪnˈdʒɛstʃən/
infrastructure	基础设施	/ˈɪnfrəˌstrʌktʃər/
integration	整合	/ˌɪntɪˈɡreɪʃən/
operational	操作的	/ˌɒpəˈreɪʃənəl/
pipeline	管道	/ˈpaɪplaɪn/
prebuilt	预构建的	/ˌpriːˈbɪlt/
schema	模式	/ˈskiːmə/
server-side	服务器端的	/ˈsɜːrvərˌsaɪd/
subset	子集	/ˈsʌbˌsɛt/
transform	转换	/trænsˈfɔːrm/
troubleshooting	故障排除	/ˈtruːblˌʃuːtɪŋ/
unstructured	非结构化的	/ʌnˈstrʌktʃərd/
visualization	可视化	/ˌvɪʒuəlɪˈzeɪʃən/

正文：

What is the ELKSTACK.html" title=ELK Stack>ELK Stack?

The ELK stack is an acronym used to describe a stack that comprises three popular projects: Elasticsearch, Logstash, and Kibana. Often referred to as Elasticsearch, the ELK stack gives you the ability to aggregate logs from all your systems and applications, analyze these logs, and create visualizations for application and infrastructure monitoring, faster troubleshooting, security analytics, and more.

E = Elasticsearch

Elasticsearch is a distributed search and analytics engine built on Apache Lucene. Support for various languages, high performance, and schema-free JSON documents makes Elasticsearch an ideal choice for various log analytics and search use cases. 

 

L = Logstash

Logstash is an open-source data ingestion tool that allows you to collect data from various sources, transform it, and send it to your desired destination. With prebuilt filters and support for over 200 plugins, Logstash allows users to easily ingest data regardless of the data source or type. 

Logstash is a lightweight, open-source, server-side data processing pipeline that allows you to collect data from various sources, transform it on the fly, and send it to your desired destination. It is most often used as a data pipeline for Elasticsearch, an open-source analytics and search engine. Because of its tight integration with Elasticsearch, powerful log processing capabilities, and over 200 prebuilt open-source plugins that can help you easily index your data, Logstash is a popular choice for loading data into Elasticsearch.

Easily load unstructured data

Logstash allows you to easily ingest unstructured data from various data sources including system logs, website logs, and application server logs. 

Prebuilt filters

Logstash offers prebuilt filters, so you can readily transform common data types, index them in Elasticsearch, and start querying without having to build custom data transformation pipelines.

Flexible plugin architecture

With over 200 plugins already available on GitHub, it is likely that someone has already built the plugin that you need to customize your data pipeline. But if one is not available that suits your requirements, you can easily create one yourself.

K = Kibana

Kibana is a data visualization and exploration tool used for log and time-series analytics, application monitoring, and operational intelligence use cases. It offers powerful and easy-to-use features such as histograms, line graphs, pie charts, heat maps, and built-in geospatial support. Also, it provides tight integration with Elasticsearch, a popular analytics and search engine, which makes Kibana the default choice for visualizing data stored in Elasticsearch.

Interactive charts

Kibana offers intuitive charts and reports that you can use to interactively navigate through large amounts of log data. You can dynamically drag time windows, zoom in and out of specific data subsets, and drill down on reports to extract actionable insights from your data.

Mapping support

Kibana comes with powerful geospatial capabilities, so you can seamlessly layer in geographical information on top of your data and visualize results on maps.

Prebuilt aggregations and filters

Using Kibana’s prebuilt aggregations and filters, you can run various analytics like histograms, top-N queries, and trends in just a few steps.

Easily accessible dashboards

You can easily set up dashboards and reports and share them with others. All you need is a browser to view and explore the data.

How does the ELK stack work?

1. Logstash ingests, transforms, and sends the data to the right destination.
2. Elasticsearch indexes, analyzes, and searches the ingested data.
3. Kibana visualizes the results of the analysis.

What does the ELK stack do?

The ELK stack is used to solve a wide range of problems, including log analytics, document search, security information and event management (SIEM), and observability. It provides the search and analytics engine, data ingestion, and visualization.

总结：

• ELKSTACK.html" title=ELK Stack>ELK Stack简介：

  • ELKSTACK.html" title=ELK Stack>ELK Stack由Elasticsearch, Logstash和Kibana组成，用于日志聚合、分析和可视化。

• Elasticsearch (E)：

  • 是一个分布式搜索和分析引擎，基于Apache Lucene。

  • 支持多种语言，高性能，适用于日志分析和搜索。

• Logstash (L)：

  • 一个开源数据摄取工具，能够从各种来源收集数据，转换数据并发送到指定目的地。

  • 提供超过200个插件，支持灵活的数据管道构建。

• Kibana (K)：

  • 数据可视化和探索工具，用于日志和时间序列分析、应用监控和运营智能。

  • 提供直观的图表和报告，支持地理空间数据展示，具有预建的聚合和过滤器。

• ELKSTACK.html" title=ELK Stack>ELK Stack的工作原理：

  • Logstash 摄取、转换并发送数据到Elasticsearch。

  • Elasticsearch 索引、分析和搜索数据。

  • Kibana 展示分析结果的可视化。

• ELKSTACK.html" title=ELK Stack>ELK Stack的用途：

  • 用于解决日志分析、文档搜索、安全信息和事件管理（SIEM）以及可观察性等问题。

  • 提供搜索和分析引擎、数据摄取以及数据可视化功能。