Course Code: elkforsysadmins
Duration: 14 hours
Prerequisites:
  • System administration experience
  • Familiarity with the Linux command line
  • No previous experience with Elasticsearch is required

Audience

  • System administrators
Overview:

This instructor-led, live training is aimed at system administrators who wish to set up an ELK stack (Elasticsearch, Logstash, Kibana).

The training starts with a discussion of ELK architecture and functionality, then moves on to live lab implementation and practice. Hands-on exercises make up an important part of the training and give participants a chance to put into practice their knowledge while receiving feedback on their progress.

Format of the course

  • Heavy emphasis on live practice
  • Most of the concepts are learned through exercises and hands-on implementation and deployment
Course Outline:

Introduction

  • Elastic Stack Overview (ELK)

Elasticsearch

Overview:

  • What and Why
  • Terminology: Documents, Index, Shards, Node, Cluster, Scale Up/Out

Operate: Configuring & Deploying

  • Configuring Elasticsearch
  • Deploying Elasticsearch
  • Lab

Node: Discovery, Types, and Cluster State

  • Distributed Model and Discovery
  • Master, Data, Client, and Tribe Nodes
  • Master Election and Minimum Master Nodes
  • Cluster State
  • Shard Allocation

Backup: Snapshot and Restore

  • High Availability vs. Backup
  • Repository, Snapshot, and Restore
  • Internals

Production Monitoring

  • Alerting Best Practices
  • JVM
  • Query Performance
  • Thread Pools
  • Diagnosing Problems

Production Operational Best Practices

  • Memory
  • Networking
  • Disk
  • Security
  • Cluster Restart (Rolling and Full)

Logstash

  • What and Why
  • Configuration
  • Inputs, Filters, and Outputs
  • Installation and configuration
  • Backup and restore
  • Cluster and availability nuances
  • Best practices

Kibana

  • What and Why
  • Configuration Settings
  • Time Picker, Search, and Filters
  • Kibana Discover, Visualization, and Dashboard Interfaces
  • Installation and configuration
  • Backup and restore
  • Cluster and availability nuances
  • Best practices

Filebeat

  • Logs and problems
  • Filebeat architecture
  • Installation and configuration
  • Backup and restore
  • Cluster and availability nuances
  • Best practices

Summary and Conclusion

Sites Published:

United Arab Emirates - ELK: Elasticsearch, Logstash and Kibana for Administrators

Qatar - ELK: Elasticsearch, Logstash and Kibana for Administrators

Egypt - ELK: Elasticsearch, Logstash and Kibana for Administrators

Saudi Arabia - ELK: Elasticsearch, Logstash and Kibana for Administrators

South Africa - ELK: Elasticsearch, Logstash and Kibana for Administrators

Brasil - ELK: Elasticsearch, Logstash and Kibana for Administrators

Canada - ELK: Elasticsearch, Logstash and Kibana for Administrators

中国 - ELK:针对管理员的Elasticsearch、Logstash和Kibana

香港 - ELK: Elasticsearch, Logstash and Kibana for Administrators

澳門 - ELK: Elasticsearch, Logstash and Kibana for Administrators

台灣 - ELK: Elasticsearch, Logstash and Kibana for Administrators

USA - ELK: Elasticsearch, Logstash and Kibana for Administrators

Österreich - ELK: Elasticsearch, Logstash and Kibana for Administrators

Schweiz - ELK: Elasticsearch, Logstash and Kibana for Administrators

Deutschland - ELK: Elasticsearch, Logstash and Kibana for Administrators

Czech Republic - ELK: Elasticsearch, Logstash and Kibana for Administrators

Denmark - ELK: Elasticsearch, Logstash and Kibana for Administrators

Estonia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Finland - ELK: Elasticsearch, Logstash and Kibana for Administrators

Greece - ELK: Elasticsearch, Logstash and Kibana for Administrators

Magyarország - ELK: Elasticsearch, Logstash and Kibana for Administrators

Ireland - ELK: Elasticsearch, Logstash and Kibana for Administrators

Luxembourg - ELK: Elasticsearch, Logstash and Kibana for Administrators

Latvia - ELK: Elasticsearch, Logstash and Kibana for Administrators

España - ELK: ElasticSearch, Logstash y Kibana para administradores

Italia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Lithuania - ELK: Elasticsearch, Logstash and Kibana for Administrators

Nederland - ELK: Elasticsearch, Logstash and Kibana for Administrators

Norway - ELK: Elasticsearch, Logstash and Kibana for Administrators

Portugal - ELK: Elasticsearch, Logstash and Kibana for Administrators

România - ELK: Elasticsearch, Logstash and Kibana for Administrators

Sverige - ELK: Elasticsearch, Logstash and Kibana for Administrators

Türkiye - ELK: Elasticsearch, Logstash and Kibana for Administrators

Malta - ELK: Elasticsearch, Logstash and Kibana for Administrators

Belgique - ELK: Elasticsearch, Logstash and Kibana for Administrators

France - ELK: Elasticsearch, Logstash and Kibana for Administrators

日本 - ELK: Elasticsearch, Logstash and Kibana for Administrators

Australia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Malaysia - ELK: Elasticsearch, Logstash and Kibana for Administrators

New Zealand - ELK: Elasticsearch, Logstash and Kibana for Administrators

Philippines - ELK: Elasticsearch, Logstash and Kibana for Administrators

Singapore - ELK: Elasticsearch, Logstash and Kibana for Administrators

Thailand - ELK: Elasticsearch, Logstash and Kibana for Administrators

Vietnam - ELK: Elasticsearch, Logstash and Kibana for Administrators

India - ELK: Elasticsearch, Logstash and Kibana for Administrators

Argentina - ELK: ElasticSearch, Logstash y Kibana para administradores

Chile - ELK: ElasticSearch, Logstash y Kibana para administradores

Costa Rica - ELK: ElasticSearch, Logstash y Kibana para administradores

Ecuador - ELK: ElasticSearch, Logstash y Kibana para administradores

Guatemala - ELK: ElasticSearch, Logstash y Kibana para administradores

Colombia - ELK: ElasticSearch, Logstash y Kibana para administradores

México - ELK: ElasticSearch, Logstash y Kibana para administradores

Panama - ELK: ElasticSearch, Logstash y Kibana para administradores

Peru - ELK: ElasticSearch, Logstash y Kibana para administradores

Uruguay - ELK: ElasticSearch, Logstash y Kibana para administradores

Venezuela - ELK: ElasticSearch, Logstash y Kibana para administradores

Polska - ELK: Elasticsearch, Logstash and Kibana for Administrators

United Kingdom - ELK: Elasticsearch, Logstash and Kibana for Administrators

South Korea - ELK: Elasticsearch, Logstash and Kibana for Administrators

Pakistan - ELK: Elasticsearch, Logstash and Kibana for Administrators

Sri Lanka - ELK: Elasticsearch, Logstash and Kibana for Administrators

Bulgaria - ELK: Elasticsearch, Logstash and Kibana for Administrators

Bolivia - ELK: ElasticSearch, Logstash y Kibana para administradores

Indonesia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Kazakhstan - ELK: Elasticsearch, Logstash and Kibana for Administrators

Moldova - ELK: Elasticsearch, Logstash and Kibana for Administrators

Morocco - ELK: Elasticsearch, Logstash and Kibana for Administrators

Tunisia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Kuwait - ELK: Elasticsearch, Logstash and Kibana for Administrators

Oman - ELK: Elasticsearch, Logstash and Kibana for Administrators

Slovakia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Kenya - ELK: Elasticsearch, Logstash and Kibana for Administrators

Nigeria - ELK: Elasticsearch, Logstash and Kibana for Administrators

Botswana - ELK: Elasticsearch, Logstash and Kibana for Administrators

Slovenia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Croatia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Serbia - ELK: Elasticsearch, Logstash and Kibana for Administrators

Bhutan - ELK: Elasticsearch, Logstash and Kibana for Administrators

Nepal - ELK: Elasticsearch, Logstash and Kibana for Administrators

Uzbekistan - ELK: Elasticsearch, Logstash and Kibana for Administrators