ELK Stack

The ELK stack centralizes log collection, processing, and search. Filebeat ships log files from hosts; Logstash parses, enriches, and routes events; Elasticsearch indexes and stores them for fast full-text queries. This lab focuses on the shipper–pipeline–store path (no Kibana). Common issues include Filebeat not tailing files, Logstash pipeline errors, yellow/red cluster health, and disk pressure from unbounded retention.