ELK, which stands for Elasticsearch, Logstash, and Kibana, is a very commonly used stack of open source projects for indexing, storing, querying, and graphing application logs. Cloud native applications commonly have dozens of application components, scaled across multiple containers or virtual machines. Each of these components generates log information at various levels of importance (informational, warnings, errors), which is a key indicator of application health. For distributed applications, centralizing and indexing all of these log entries is a challenge. Elasticsearch, Logstash, and Kibana work together to allow system administrators to aggregate, index, store, and visualize application logs.
With logs aggregated, indexed, stored, and visualized in one place, application administrators can use the ELK stack to perform root-cause analysis during outages by identifying cascading errors on a timeline, or to create a dashboard for application health that can flag abnormalities in log behavior. The stack has multiple variants, reflecting the growing maturity of the observability space, but as the original log management “reference stack”, the ELK stack continues to be important for the cloud native application space.