Skip to content

๐Ÿ’ป Tech Stack

When designing a logging and monitoring stack, we needed a robust, scalable, and efficient system that can process, store, visualize, and analyze logs effectively. Below is the reasoning behind our choices:

๐Ÿ›ข๏ธ Fluent Bit

๐Ÿ”ธ Purpose: The Lightweight Log Forwarder

  • Lightweight and Fast: Minimal resource usage, perfect for Docker containers.
  • Efficient Log Forwarding: Collects JSON logs from HESTIA Logger (e.g., via log-generator) and forwards them to Elasticsearch.
  • Built-in Processing: Parses structured logs with filtering and transformation capabilities.
  • Seamless Elasticsearch Integration: Native output plugin ensures smooth ingestion.

Alternatives Considered:

  • Logstash: Powerful for complex transformations but resource-heavy.
  • Filebeat: Great for log shipping but lacks parsing flexibility.

๐Ÿ… Why Fluent Bit Won?

  • Low memory footprint for containerized environments.
  • Native JSON parsing aligns with HESTIAโ€™s log format.
  • Balanced performance and functionality for our needs.
  • Direct Elasticsearch support simplifies the pipeline.

๐Ÿ” Elasticsearch

๐Ÿ”ธ Purpose: The Log Storage & Search Engine

  • Distributed Architecture: Runs as a two-node cluster (es01, es02) for redundancy and scale.
  • Full-Text Search: Enables quick log retrieval with powerful queries.
  • Real-Time Indexing: Logs are searchable almost instantly after ingestion.
  • Scalable Storage: Handles growing log volumes effortlessly.

Alternatives Considered:

  • MongoDB: General-purpose database, not optimized for log search.
  • Loki: Lightweight and cost-effective but weaker full-text search.

๐Ÿ… Why Elasticsearch Won?

  • Built for log storage and querying at scale.
  • Near real-time search enhances observability.
  • Pairs seamlessly with Fluent Bit and Kibana.

๐Ÿ“Š Kibana

๐Ÿ”ธ Purpose: The Log Visualization Tool

  • Powerful UI: Search and explore HESTIA logs in Elasticsearch via port 5601.
  • Discover & Dashboards: Simplifies log analysis with filters and visualizations.
  • Real-Time Monitoring: Tracks log trends as they happen.

Alternatives Considered:

  • Grafana: Strong dashboards but weaker log search.
  • Graylog: Feature-rich but overkill for our setup.

๐Ÿ… Why Kibana Won?

  • Ideal for interactive log exploration.
  • Native Elasticsearch integration via Docker Compose.
  • Quick dashboards for HESTIA log trends.**

๐ŸŽจ Grafana

๐Ÿ”ธ Purpose: Advanced Monitoring & Dashboards

  • Custom Dashboards: Visualizes HESTIA logs (e.g., โ€œHESTIA Logging Overviewโ€) via port 3000.
  • Multiple Data Sources: Integrates Elasticsearch with potential for metrics (e.g., Prometheus).
  • Rich Visualizations: Time-series, heatmaps, and alerts for log insights.
  • Advanced Alerting: Proactive monitoring of log patterns.

Alternatives Considered:

  • Kibana Alone: Limited dashboard flexibility.
  • Loki with Grafana: Simpler but misses full-text search.

๐Ÿ… Why Grafana Won?

  • Flexible dashboards for log analytics.
  • Future-proof with multi-source support.
  • Enhanced alerting beyond Kibanaโ€™s capabilities.**

Summary

โœ” Fluent Bit: Collects and forwards HESTIA logs.
โœ” Elasticsearch: Stores and indexes logs in a cluster.
โœ” Kibana: Enables log search and basic visualization.
โœ” Grafana: Provides advanced monitoring dashboards.

๐ŸŽฏ Together, these tools power HESTIA Loggerโ€™s observability pipeline.