In this section, we will configure all the tools for capturing the data. The components we will use are Elasticsearch, Logstash, Kibana, Filebeat, Metricbeat, and Packetbeat. Our pipeline would look like the following diagram:

All of the components share the same version, that is, 5.1.1. We will read logs using Filebeat, push those logs to Logstash for processing, and then add them to Elasticsearch for indexing. For our setup, Logstash is used at 192.168.0.112, Kibana is installed at 192.168.0.111 and Elasticsearch instance is set up at 192.168.0.110. This Elasticsearch instance is different than what we installed ...