35e6b139fc
ci / validate (push) Failing after 1m8s
Rework portfolio around Linux operations, Zabbix monitoring, migration validation, and ELK/Grafana log observability. Add AAP-style LVM resize workflow, Zabbix server/proxy/agent automation assets, Linux/AIX monitoring templates, and updated validation CI.
31 lines
1.0 KiB
Markdown
31 lines
1.0 KiB
Markdown
# Log Observability ELK/Grafana Architecture
|
|
|
|
## Components
|
|
|
|
- Filebeat: tails sample and container logs.
|
|
- Logstash: receives and processes log events.
|
|
- Elasticsearch: stores searchable observability data.
|
|
- Kibana: supports log exploration and dashboards.
|
|
- Grafana: provides operational dashboards.
|
|
- Alert rules: document symptoms, thresholds, and severity.
|
|
- Incident simulation: generates controlled failure signals.
|
|
|
|
## Data Flow
|
|
|
|
```
|
|
Log source -> Filebeat -> Logstash -> Elasticsearch -> Kibana
|
|
|
|
|
v
|
|
Grafana
|
|
```
|
|
|
|
Incident exercises follow this flow:
|
|
|
|
```
|
|
Operator -> incident_simulation.sh -> logs/incident_simulation.log -> Filebeat -> Logstash -> alerts/dashboards
|
|
```
|
|
|
|
## Notes
|
|
|
|
This is a local demonstration stack, not a production Elasticsearch deployment. A production version would add dedicated nodes, TLS, secret management, retention policies, index lifecycle management, and external alert delivery.
|