This repository contains a simple example demonstrating how to set up logging with Spring Boot applications and integrate them with the ELK (Elasticsearch, Logstash, Kibana) stack for centralized log management and analysis.
In this setup, a Spring Boot application communicates with Logstash to send its logs. Logstash processes these logs and forwards them to Elasticsearch for storage and indexing. Kibana, running on a separate port, provides a user-friendly interface to visualize and analyze the logs stored in Elasticsearch.
-
Spring Boot Application: Generates logs which are collected by Logstash. This is facilitated by the
logstash.conf
file, which needs to be created. In this configuration file, specify the input file path and the output Elasticsearch host along with its port. -
Logstash: Collects logs from the Spring Boot application and sends them to Elasticsearch.
-
Elasticsearch: Stores and indexes the logs received from Logstash.
-
Kibana: Provides a web interface to interact with Elasticsearch, allowing users to visualize and analyze logs.
Find Detailed Steps involved Steps for ELK Setup
- Clone the repository containing the Spring Boot application to your local machine.
- Do a mvn clean install
- mvn spring-boot:run
- Visit Elasticsearch Downloads and download the appropriate file for your system.
- Extract the downloaded tar file and navigate to the Elasticsearch bin directory (e.g.,
${location}/elasticsearch-8.12.2/bin
) - Run
./elasticsearch
to start Elasticsearch. Accesslocalhost:9200
in your browser to verify successful startup. If issues arise, consider disabling X-Pack security by running./elasticsearch -E xpack.security.enabled=false
. - Note that starting from Elasticsearch 8, SSL/TLS is enabled by default for HTTP clients. If you encounter a warning message regarding server certificate trust, ensure your browser trusts the certificate or disable SSL in the
elasticsearch.yml
configuration.
- Get Logstash from Logstash Downloads.
- Create a
logstash.conf
file specifying the location of your logs for Logstash to ingest. - In
logstash.conf
, define the input source (e.g., file location) and the output destination (your Elasticsearch host). - Launch Logstash by running
./logstash -f /path/to/logstash.conf
. Access Logstash console logs viahttp://localhost:9600/
.
- Download Kibana from Kibana Downloads.
- Extract the tar file and navigate to the Kibana config directory. Open the
.yml
file and enable the Elasticsearch host to ensure Kibana can communicate with Elasticsearch. - Navigate to the Kibana bin directory and start Kibana with
kibana.sh
. Access Kibana athttp://localhost:5601/
.
- Visit
http://localhost:9200/_cat
to view all available categories. Navigate tohttp://localhost:9200/_cat/indices
to see the internally created indexes. - Open Kibana and navigate to Analytics. Create a data view by selecting index patterns. Upon saving, access the logs via the Discover tab, where you can view logs and related details in JSON format.