PingDirectory

Monitoring server metrics with ELK

You can use Elasticsearch, Logstash, and Kibana, referred to together as the ELK Stack, to monitor a PingDirectory server by consuming the server logs.

The ELK Stack is highly configurable and can support server monitoring needs in production environments. To work with PingDirectory servers, point Logstash to the location of the JSON-formatted server logs that you want to consume.

The ELK Stack is a third-party solution provided by Elastic. The information in this topic is for your convenience and should be confirmed by consulting the manufacturer.

If you want to try monitoring PingDirectory using the ELK Stack with minimal configuration:

  • Use a test environment.

  • Create log publishers in JSON formats to make them easy to parse.

  • Because Filebeat is easier to configure, use it to consume your logs instead of Logstash. Configure Filebeat with the location of the PingDirectory logs and a log output type of JSON.

  • Consult the Elastic documentation for help configuring and deploying an ELK Stack in Docker.

If you have an established PingDirectory logging configuration and want to develop a production-capable ELK monitoring solution:

  • Start in a lower environment.

  • Because it is more configurable, try working with Logstash. For example, you can create filters on your logging data. If possible, use JSON-formatted logs.

  • If you have a clustered server configuration, configure all PingDirectory logs to write to a central location from which Logstash can consume them.

  • Determine what kinds of data you want to surface in your monitoring and create Elasticsearch indexes around them. For example, you might want to focus on particular types of searches or updates.