Sources for Monitoring
- Network Connectivity to Host/Device: This tells us whether the server or device is up or not
  - Protocol: ICMP, TCP
  - IP address/FQDN (fully qualified domain name)
- Physical/Virtual Server Metrics:
  - CPU Utilization
  - Memory Utilization
  - Free disk space
  - Network I/O
  - Disk I/O
- Operating System Logs
  - Windows => Event Viewer
  - Linux =>
    - /var/log
    - Syslog service
    - journalctl
- Application Health Check/Probe
  - Alive/Not:
    - HTTP(S) request
    - Validate response
      - Status Code
        - 1xx = Information
        - 2xx = Success
        - 3xx = Redirection
        - 4xx = Client errors
        - 5xx = Server-side errors
- Application Logs
  - stdout, stderr => redirect logs to some file
  - Linux => /var/log
  - Databases
- Tracing/APM: This is generally not enabled; we need to enable it and then run the application, which gives us APM (Application Performance Monitoring)
- Application Metrics
  - Requests
  - Error rate
  - Request sizes per second
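
The Application Health Check/Probe item above, as an added example that is not part of the original notes: a Python probe that sends the HTTP(S) request, treats every non-2xx status class and every connection failure as "not alive", and validates the response body. The `FakeApp` server, its routes and the `"ok"` body marker are constructed for the demo.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

STATUS_CLASSES = {1: "informational", 2: "success", 3: "redirection",
                  4: "client error", 5: "server error"}

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args):  # report a 3xx instead of following it
        return None

def probe(url, expect=None, timeout=3.0):
    """One direct (no proxy) HTTP(S) health check; returns (alive, status, detail)."""
    opener = urllib.request.build_opener(NoRedirect, urllib.request.ProxyHandler({}))
    try:
        with opener.open(url, timeout=timeout) as resp:
            status, body = resp.status, resp.read(65536)
    except urllib.error.HTTPError as err:  # urllib raises for every non-2xx status
        err.close()
        return (False, err.code, STATUS_CLASSES.get(err.code // 100, "unknown"))
    except OSError as err:  # connection refused, DNS failure, timeout
        return (False, None, f"unreachable: {err}")
    if expect is not None and expect not in body:  # validate the response itself
        return (False, status, "2xx but unexpected body")
    return (True, status, STATUS_CLASSES[2])

class FakeApp(BaseHTTPRequestHandler):  # constructed local target, not a real service
    ROUTES = {"/healthz": (200, b'{"status":"ok"}'), "/stale": (200, b"maintenance"),
              "/old": (302, b""), "/broken": (503, b"down")}
    def do_GET(self):
        code, body = self.ROUTES.get(self.path, (404, b"not found"))
        self.send_response(code)
        if code == 302:
            self.send_header("Location", "/healthz")
        self.end_headers()
        self.wfile.write(body)
    def log_message(self, *args): pass  # silence per-request logging

def demo():
    with HTTPServer(("127.0.0.1", 0), FakeApp) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        base = f"http://127.0.0.1:{server.server_port}"
        results = {p: probe(base + p, b'"ok"') for p in [*FakeApp.ROUTES, "/missing"]}
        server.shutdown()
    results["closed port"] = probe(base + "/healthz", timeout=1.0)
    return results

if __name__ == "__main__":
    print(demo())
```

The `/stale` case is the reason to validate the response: it returns 200 but the body shows the application is not actually serving.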
Log Levels
- CRITICAL => Severe issue
- ERROR => Any failure in your application
- INFO => Informational log
- DEBUG => Logs with low level details
- VERBOSE => Logs literally everything.
Tools for monitoring
- Server Monitoring
  - Nagios
  - Zabbix
  - Elastic Stack
- Application Log Monitoring
  - Splunk
  - Elastic Stack
- APM:
  - AppDynamics
  - New Relic
  - Elastic Stack
- Alerting Options/Notifications:
  - Push
  - SMS
  - SIEM
  - Communication Channel
    - Slack
    - Teams
Elastic Stack
- This is a collection of tools, very popular in
  - Big Data
  - Log Analysis and Monitoring
- Elastic Stack is a collection of tools
  - Elasticsearch
  - Logstash
  - Kibana
  - Beats
  - X-Pack
