Elastic stack at a glance

• New log usages
• Elasticsearch ecosystem
• Elasticsearch, Logstash, Beats and Kibana roles
• Architecture samples

Introducing Elasticsearch

• From indexing to search
• Text Analysis
• Mappings and analysis configuration
• Elasticsearch query DSL
• Queries and Filters
• Aggregations
• Replication and sharding
• Index templates and aliases
• Data streams
• ILM and rollover

Data integration

• Beats agents
  • The key concepts; Input, Module, Ourput, Processor, ...
  • The Modules
  • The Inputs (with multiline management) and the Outputs
  • The Processors
  • Include / Exclude
  • Command line
• Ingest pipelines
  • Creation, update and testing
  • Processors, Mustache syntax
  • Error management
  • Usage in Beats agents
• Logstash
  • The key concepts: Input, Output, Filter, ...
  • The Inputs and Outputs
  • The Filters: Date, Grok, Dissect, Mutate, ...
  • Threading and high availability
  • Persistent queues, dead letter queue
  • Multi pipelines
  • Sending events to index / data stream
• Fleet
  • Elastic agent
  • Fleet server
  • Integrations
  • Elastic Agent policies
  • Central management

Kibana

• Data discovery and queries building
• Visualizations building using GUI aggregations builder
• Different types of visualizations
• Dashboard building and management
• Canvas to build interactive presentation
• Sharing et reporting
• Alerting