学技术学英语：ELK是什么

📢📢📢： 先看关键单词，再看英文，最后看中文总结，再回头看一遍英文原文，效果更佳！！

关键词

|-----------------|-------|--------------------|
| aggregate | 聚合 | /ˈæɡrɪɡeɪt/ |
| analytics | 分析学 | /ˌænəˈlɪtɪks/ |
| destination | 目的地 | /ˌdɛstɪˈneɪʃən/ |
| distributed | 分布式的 | /dɪˈstrɪbjutɪd/ |
| elasticsearch | 弹性搜索 | /ɪˈlæstɪksɜːrtʃ/ |
| ingestion | 摄取 | /ɪnˈdʒɛstʃən/ |
| infrastructure | 基础设施 | /ˈɪnfrəˌstrʌktʃər/ |
| integration | 整合 | /ˌɪntɪˈɡreɪʃən/ |
| operational | 操作的 | /ˌɒpəˈreɪʃənəl/ |
| pipeline | 管道 | /ˈpaɪplaɪn/ |
| prebuilt | 预构建的 | /ˌpriːˈbɪlt/ |
| schema | 模式 | /ˈskiːmə/ |
| server-side | 服务器端的 | /ˈsɜːrvərˌsaɪd/ |
| subset | 子集 | /ˈsʌbˌsɛt/ |
| transform | 转换 | /trænsˈfɔːrm/ |
| troubleshooting | 故障排除 | /ˈtruːblˌʃuːtɪŋ/ |
| unstructured | 非结构化的 | /ʌnˈstrʌktʃərd/ |
| visualization | 可视化 | /ˌvɪʒuəlɪˈzeɪʃən/ |

正文：

What is the ELK Stack?

The ELK stack is an acronym used to describe a stack that comprises three popular projects: Elasticsearch, Logstash, and Kibana. Often referred to as Elasticsearch, the ELK stack gives you the ability to aggregate logs from all your systems and applications, analyze these logs, and create visualizations for application and infrastructure monitoring, faster troubleshooting, security analytics, and more.

E = Elasticsearch

Elasticsearch is a distributed search and analytics engine built on Apache Lucene. Support for various languages, high performance, and schema-free JSON documents makes Elasticsearch an ideal choice for various log analytics and search use cases.

L = Logstash

Logstash is an open-source data ingestion tool that allows you to collect data from various sources, transform it, and send it to your desired destination. With prebuilt filters and support for over 200 plugins, Logstash allows users to easily ingest data regardless of the data source or type.

Logstash is a lightweight, open-source, server-side data processing pipeline that allows you to collect data from various sources, transform it on the fly, and send it to your desired destination. It is most often used as a data pipeline for Elasticsearch, an open-source analytics and search engine. Because of its tight integration with Elasticsearch, powerful log processing capabilities, and over 200 prebuilt open-source plugins that can help you easily index your data, Logstash is a popular choice for loading data into Elasticsearch.

Easily load unstructured data

Logstash allows you to easily ingest unstructured data from various data sources including system logs, website logs, and application server logs.

Prebuilt filters

Logstash offers prebuilt filters, so you can readily transform common data types, index them in Elasticsearch, and start querying without having to build custom data transformation pipelines.

Flexible plugin architecture

With over 200 plugins already available on GitHub, it is likely that someone has already built the plugin that you need to customize your data pipeline. But if one is not available that suits your requirements, you can easily create one yourself.

K = Kibana

Kibana is a data visualization and exploration tool used for log and time-series analytics, application monitoring, and operational intelligence use cases. It offers powerful and easy-to-use features such as histograms, line graphs, pie charts, heat maps, and built-in geospatial support. Also, it provides tight integration with Elasticsearch, a popular analytics and search engine, which makes Kibana the default choice for visualizing data stored in Elasticsearch.

Interactive charts

Kibana offers intuitive charts and reports that you can use to interactively navigate through large amounts of log data. You can dynamically drag time windows, zoom in and out of specific data subsets, and drill down on reports to extract actionable insights from your data.

Mapping support

Kibana comes with powerful geospatial capabilities, so you can seamlessly layer in geographical information on top of your data and visualize results on maps.

Prebuilt aggregations and filters

Using Kibana's prebuilt aggregations and filters, you can run various analytics like histograms, top-N queries, and trends in just a few steps.

Easily accessible dashboards

You can easily set up dashboards and reports and share them with others. All you need is a browser to view and explore the data.

How does the ELK stack work?

1. Logstash ingests, transforms, and sends the data to the right destination.
2. Elasticsearch indexes, analyzes, and searches the ingested data.
3. Kibana visualizes the results of the analysis.

What does the ELK stack do?

The ELK stack is used to solve a wide range of problems, including log analytics, document search, security information and event management (SIEM), and observability. It provides the search and analytics engine, data ingestion, and visualization.

总结：

• ELK Stack简介：

  • ELK Stack由Elasticsearch, Logstash和Kibana组成，用于日志聚合、分析和可视化。

• Elasticsearch (E)：

  • 是一个分布式搜索和分析引擎，基于Apache Lucene。

  • 支持多种语言，高性能，适用于日志分析和搜索。

• Logstash (L)：

  • 一个开源数据摄取工具，能够从各种来源收集数据，转换数据并发送到指定目的地。

  • 提供超过200个插件，支持灵活的数据管道构建。

• Kibana (K)：

  • 数据可视化和探索工具，用于日志和时间序列分析、应用监控和运营智能。

  • 提供直观的图表和报告，支持地理空间数据展示，具有预建的聚合和过滤器。

• ELK Stack的工作原理：

  • Logstash 摄取、转换并发送数据到Elasticsearch。

  • Elasticsearch 索引、分析和搜索数据。

  • Kibana 展示分析结果的可视化。

• ELK Stack的用途：

  • 用于解决日志分析、文档搜索、安全信息和事件管理（SIEM）以及可观察性等问题。

  • 提供搜索和分析引擎、数据摄取以及数据可视化功能。