Getting started with ELK is simple: you just download three archives from the official site, unpack them and run a couple of binaries. The system's simplicity let us try it out in a matter of days and see how well it suited us.
It really did fit like a glove. In principle we could implement everything we needed and, where necessary, write our own components and plug them into the basic infrastructure.
Even though we were completely satisfied with ELK, we wanted to give the third contender a fair shot.
Nonetheless, we concluded that ELK is a far more flexible system, one we could customise to our requirements and whose components could be swapped out easily. You don't want to pay for Watcher? That's fine, write your own. Whereas with ELK any component can simply be removed and replaced, with Graylog 2 it felt like removing some components meant ripping out the very roots of the system, and other components simply could not be added at all.
So we made our decision and stuck with ELK.
At a very early stage we made it a requirement that logs must both end up in our system and remain on disk. Log collection and analysis systems are great, but any system experiences delays or malfunctions. In those situations nothing beats the capabilities of standard Unix tools like grep, AWK, sort and so on.
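As an added illustration of that fallback (this is example code written for this edit, not a script from the original article or the team it describes), the following shell snippet triages a local log file with grep, awk, sort and uniq while the central pipeline is unavailable. The log lines are constructed sample data in the usual sshd message format (an assumption), and the function names `failed_logins_by_ip` and `brute_force_candidates` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original article: triage a local log file with
# standard Unix tools while the central ELK pipeline is delayed or down.
# The lines below are constructed sample data in sshd's log format (assumed).

LOG="${TMPDIR:-/tmp}/auth_sample.log"
cat > "$LOG" <<'EOF'
Mar  3 10:01:02 web1 sshd[1201]: Failed password for root from 198.51.100.7 port 51122 ssh2
Mar  3 10:01:05 web1 sshd[1203]: Failed password for invalid user admin from 198.51.100.7 port 51130 ssh2
Mar  3 10:01:09 web1 sshd[1210]: Accepted publickey for deploy from 203.0.113.5 port 40010 ssh2
Mar  3 10:01:11 web1 sshd[1215]: Failed password for root from 198.51.100.7 port 51140 ssh2
Mar  3 10:01:20 web1 sshd[1220]: Failed password for invalid user test from 192.0.2.44 port 60001 ssh2
Mar  3 10:02:03 web1 sshd[1231]: Accepted password for alice from 203.0.113.9 port 40022 ssh2
EOF

# Count failed SSH logins per source IP, most active first.
# Prints one "<count> <ip>" pair per line.
failed_logins_by_ip() {
    grep 'sshd\[[0-9]*\]: Failed password' "$1" \
      | awk '{ for (i = 1; i <= NF; i++) if ($i == "from") print $(i + 1) }' \
      | sort | uniq -c | sort -rn \
      | awk '{ print $1, $2 }'
}

# Print the source IPs whose failure count reaches the threshold in $2,
# i.e. the candidates worth blocking or investigating first.
brute_force_candidates() {
    failed_logins_by_ip "$1" | awk -v t="$2" '$1 >= t { print $2 }'
}

failed_logins_by_ip "$LOG"
brute_force_candidates "$LOG" 3
```

The same one-liners work unchanged on a rotated file or a `zcat`/`gzip -dc` stream, which is exactly why keeping the raw files on disk matters: when the index is lagging, the answer is still one pipeline away.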