# 喬叔帶你上手 Elastic Stack - 探索與實踐 Observability 系列 {% hint style="info" %} 這系列文章是在 iThome 2021 年 IT邦幫忙 鐵人賽 時所撰寫,參加 DevOps 分組主題並得到冠軍的肯定,原始文章發佈於 [iT邦幫忙網站](https://ithelp.ithome.com.tw/users/20129543/ironman/4841)。\ (但排版不易閱讀,因此整理到 GitBook 這邊來:smile:) {% endhint %} ### 喬叔教 Elastic 文章總整理 以下針對這次的 **喬叔帶你上手 Elastic Stack - 探索與實踐 Observability 系列** 進行總覽介紹,方便讀者們掌握系列文章的架構與脈絡。 #### 前言 首先針對 Observability 的定義,以及 Elastic 對於 Observability 的觀點及所提出的解決方案進行介紹,並且在這邊帶出了 Elastic Observability 解進方案中的四大主軸 Uptime、Metrics、Logs、Traces。 * [01 - 前言 & 淺談 Observability](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/qian-yan-qian-tan-observability) * [02 - Elastic 的 Observability 解決方案](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/elastic-de-observability-jie-jue-fang-an) #### Uptime - 掌握系統的生命徵象 系列文章 針對 Elastic Observability 中的 Uptime 進行介紹 ,如何掌握系統的生命徵象,甚至如何從使用者體驗的角度來驗證服務的運作狀態。 * [01 - 我們要觀測的生命徵象是什麼?](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/uptime-zhang-wo-xi-tong-de-sheng-ming-zhi-xiang/wo-men-yao-guan-ce-de-sheng-ming-zhi-xiang-shi-shen-mo) * [02 - 使用 Heartbeat 收集系統生命徵象數據](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/uptime-zhang-wo-xi-tong-de-sheng-ming-zhi-xiang/shi-yong-heartbeat-shou-ji-xi-tong-sheng-ming-zhi-xiang-shu-ju) * [03 - 透過 Kibana 觀看心電圖及設定警報](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/uptime-zhang-wo-xi-tong-de-sheng-ming-zhi-xiang/tou-guo-kibana-guan-kan-xin-dian-tu-ji-she-ding-jing-bao) * [04 - 使用合成監控 (Synthetics Monitor) 從使用者情境驗證服務的運作狀態](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/uptime-zhang-wo-xi-tong-de-sheng-ming-zhi-xiang/shi-yong-he-cheng-jian-kong-synthetics-monitor-cong-shi-yong-zhe-qing-jing-yan-zheng-fu-wu-de-yun-zu) #### Metrics - 觀察系統的健康指標 系列文章 Metrics 是系統 Monitoring 的基礎,在這裡將介紹 Elastic Observability 中的 Metrics 提供了什麼樣的能力,如何實作在自己安裝的機器上、Docker、K8S、甚至是 AWS 的雲端環境,以及如何使用 Metricbeat 來掌握 Elastic Stack 的健康狀態。 * [01 - Metrics 與 Metricbeat 的基本介紹](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/metrics-yu-metricbeat-de-ji-ben-jie-shao) * [02 - 使用 Metricbeat 掌握 Elastic Stack 的健康狀態](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/shi-yong-metricbeat-zhang-wo-elastic-stack-de-jian-kang-zhuang-tai) * [03 - 使用 Metricbeat 掌握 Infrastructure 的健康狀態 Host 篇](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/shi-yong-metricbeat-zhang-wo-infrastructure-de-jian-kang-zhuang-tai-host-pian) * [04 - 使用 Metricbeat 掌握 Infrastructure 的健康狀態 Docker 篇](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/shi-yong-metricbeat-zhang-wo-infrastructure-de-jian-kang-zhuang-tai-docker-pian) * [05 - 使用 Metricbeat 掌握 Infrastructure 的健康狀態 Kubernetes 篇](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/shi-yong-metricbeat-zhang-wo-infrastructure-de-jian-kang-zhuang-tai-kubernetes-pian) * [06 - 使用 Metricbeat 掌握 Infrastructure 的健康狀態 AWS 篇](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/metrics-guan-cha-xi-tong-de-jian-kang-zhi-biao/shi-yong-metricbeat-zhang-wo-infrastructure-de-jian-kang-zhuang-tai-aws-pian) #### Logs - 挖掘系統內部發生的狀況 系列文章 Logs 是系統運作細節的記錄,也是我們用來挖掘系統內部運作時發生什麼狀況的重要參考資訊,Elastic Observability 的解決方案之中,使用了 Filebeat 來負責收集散落在四處的 Logs,並且如何將收集到的 Logs 使用 Elastic Observability 來進行查閱。 * [01 - Logs 與 Filebeat 的基本介紹](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/logs-wa-jue-xi-tong-nei-bu-fa-sheng-de-zhuang-kuang/logs-yu-filebeat-de-ji-ben-jie-shao) * [02 - 使用 Filebeat 應該要了解的設計細節與原理](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/logs-wa-jue-xi-tong-nei-bu-fa-sheng-de-zhuang-kuang/shi-yong-filebeat-ying-gai-yao-liao-jie-de-she-ji-xi-jie-yu-yuan-li) * [03 - 透過 Filebeat 收集 Elastic Stack 中各種服務的細節資訊](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/logs-wa-jue-xi-tong-nei-bu-fa-sheng-de-zhuang-kuang/tou-guo-filebeat-shou-ji-elastic-stack-zhong-ge-zhong-fu-wu-de-xi-jie-zi-xun) * [04 - 透過 Filebeat 收集 Infrastructure 中各種服務的細節資訊](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/logs-wa-jue-xi-tong-nei-bu-fa-sheng-de-zhuang-kuang/tou-guo-filebeat-shou-ji-infrastructure-zhong-ge-zhong-fu-wu-de-xi-jie-zi-xun) #### Traces - 觀察應用程式的效能瓶頸 系列文章 Observability 的一個核心精神,是讓我們有能力觀察系統運作的狀況,Elastic Observability 當中的 APM (Application Performance Monitoring) 就是實現 Observability 這部份精神的其中一個重要的工具,幫助我們能輕鬆的掌握系統運作的效能分析、發生異常時環節、或是在複雜的多層次架構或是微服務架構之下,服務元件之間的相依性及影響的關連,這樣的工具要如何來使用及應用,將會是這個章節的主軸。 * [01 - Elastic APM 基本介紹](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/elastic-apm-ji-ben-jie-shao) * [02 - 使用 APM-Integratoin-Testing 建立 APM 的模擬環境](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/shi-yong-apmintegratointesting-jian-li-elastic-apm-de-mo-ni-huan-jing) * [03 - 如何在 Kibana 使用 APM UI](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/ru-he-zai-kibana-shi-yong-apm-ui) * [04 - 使用 APM Server 來收集 APM 數據](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/shi-yong-apm-server-lai-shou-ji-apm-shu-ju) * [05 - 透過 APM Agents 收集並傳送後端服務運作的記錄](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/tou-guo-apm-agents-shou-ji-bing-chuan-song-hou-duan-fu-wu-yun-zuo-de-ji-lu) * [06 - 透過真實使用者監控 (RUM, Real User Monitoring) 來改善使用者體驗](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/traces-guan-cha-ying-yong-cheng-shi-de-xiao-neng-ping-jing/tou-guo-zhen-shi-shi-yong-zhe-jian-kong-rum-real-user-monitoring-lai-gai-shan-shi-yong-zhe-ti-yan) #### 建立結構化的 Log 系列文章 許多實務上的痛點,常常是收集一堆的 Logs,卻不容易使用,結構化的 Logs 會是 Logs 治理的重要關鍵之一,這個章節介紹了 Elastic Common Schema 的設計規範及準則,可以當作我們自行管理 Logs 的很好的參考,同時也介紹當我們要將 Logs 結構化時,如何使用 Elasticsearch 內建的 Ingest Pipeline。 * [01 - Elastic Common Schema 結構化 Log 的規範](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/jian-li-jie-gou-hua-de-log/elastic-common-schema-jie-gou-hua-log-de-gui-fan) * [02 - Elasticsearch Ingest Pipeline 資料 Index 前的轉換好幫手 - 基本介紹](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/jian-li-jie-gou-hua-de-log/elasticsearch-ingest-pipeline-zi-liao-index-qian-de-zhuan-huan-hao-bang-shou/ji-ben-jie-shao) * [03 - Elasticsearch Ingest Pipeline 資料 Index 前的轉換好幫手 - 各種常用的 Processor](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/jian-li-jie-gou-hua-de-log/elasticsearch-ingest-pipeline-zi-liao-index-qian-de-zhuan-huan-hao-bang-shou/ge-zhong-chang-yong-de-processor) * [04 - Elasticsearch Ingest Pipeline 資料 Index 前的轉換好幫手 - Enrich 資料與例外處理](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/jian-li-jie-gou-hua-de-log/elasticsearch-ingest-pipeline-zi-liao-index-qian-de-zhuan-huan-hao-bang-shou/enrich-zi-liao-yu-li-wai-chu-li) #### 有效的使用 Observability 的資料 系列文章 針對前面章節所收集的各種 Observability 資料,說明如何使用進階的 Machine Learning 進行更有效的運用,並且在異常時主動通知的設定方式,以及 Observability 的資料管理,最後將分享實際參加 ElasticOn Observability Workshop 的競賽經歷,以及使用 Elastic Observability 的心得。 * [01 - 透過 Machine Learning 發現異常的問題](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/you-xiao-de-shi-yong-observability-de-zi-liao/tou-guo-machine-learning-fa-xian-yi-chang-de-wen-ti) * [02 - 使用 Kibana Alerts 主動通知異常狀況](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/you-xiao-de-shi-yong-observability-de-zi-liao/shi-yong-kibana-alerts-zhu-dong-tong-zhi-yi-chang-zhuang-kuang) * [03 - 資料的生命週期管理](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/you-xiao-de-shi-yong-observability-de-zi-liao/zi-liao-de-sheng-ming-zhou-qi-guan-li) * [04 - 使用 Elastic Observability 追縱及觀察問題的心得](https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability/you-xiao-de-shi-yong-observability-de-zi-liao/shi-yong-elastic-observability-zhui-zong-ji-guan-cha-wen-ti-de-xin-de) *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://training.onedoggo.com/tech-sharing/uncle-joe-teach-es-elastc-observability.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.