We have moved to a distributed Linux/Apache Tomcat environment, and the logs [apache, tomcat, applications, sys, etc] are killing me. We keep talking about centralize logging but doesn't seem like an easy task. I've been reading the docs on ELK, and I like what I see. What I'm still not seeing is the overall architecture in a distributed system. So I have a Logstash process on each of my server nodes? Then each of those nodes parse and report back to a centralized Elasticsearch engine? Is there any documentation that anyone could point me to get a better understanding?
So that is question 1. The second question is that we visualized a copy of our production in our test environment. How can I keep the events separate from our production and test environments? Any help would be greatly appreciated. Thanks, Josh -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/54489f93-97e1-4db4-8254-762df46e5d0a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
