In this post I will describe a simple Monit setup for improving the reliability of an ELK infrastructure. Among the available solutions, Monit was chosen mainly for its simplicity, dependability and non-intrusiveness.
Let’s assume that we have a fairly standard ELK infrastructure: Filebeat input data sources, processed by Logstash instances (let’s say for performance reasons) and then indexed by an Elasticsearch instance. Finally, there is a machine running the Kibana service to manage the visualizations. This infrastructure will perform well until it fails, and those of you who have experience with ELK systems probably know that failures at the service layer can occur unexpectedly, sometimes without leaving any trace of the issue that caused the crash. Leaving such a configuration (in fact, any server) without monitoring is a big mistake, and there will certainly be a price to pay in the future.