4
Timestamped Data Ingestion
The Elastic Stack provides many ways to ingest timestamped data. In this chapter, we’re going to focus on two of them: Elastic Agent and Beats. Elastic Agent acts as an integrated solution for monitoring a variety of data types on each host, including logs and metrics. It additionally safeguards hosts against security risks and enables querying of operating system data. Elastic Agent can also be centrally managed through Fleet. Beats, meanwhile, have been around for a long time; they are lightweight data shippers that transmit operational data to Elasticsearch. Depending on what data you want to collect, you may need to install multiple Beats shippers on a single host.
Figure 4.1 presents a decision tree to ...