Anyone using ELK stack feeding Windows Performance Metrics?

[n30_mkii]

I'm just looking into ELK stack and the possibility of feeding performance data into elasticsearch. There seem to be a few different ways to do it, just wondering if anyone has already been down this path and has any advice.

The is topbeat which has a limited set of counters as far as I can see, I'd be looking to get quite a verbose level of metrics feeding in ideally

Thanks in advance

 

[beavis]

I'm about to head down this route to see if it can be useful, not started yet so I'm afraid I'm not going to be any help. I was planning on using filebeat as it keeps things nice and simple/flexiable. I don't need event logs at the moment, and if I do I'll write something myself to export the events I care about to a text file.

What kind of metrics are you looking for, if it's something available via SNMP then that might be worth looking into. Be interested to hear how you get on with ELK, I think it's going to be a pretty tricky thing to learn, there is a lot of it.

 

[img]

Why not look at grafana for that. I use elk stack for vmware and windows logs using nxlog and other products where I write to a file and use nxlog. You could export the metrics with powershell to file and then send that into logstash. I have been doing this for some vcenter metrics when needed but really want alternative.

Cannot give exact as we do rsyslog. Kafka, logstash to stop logstash falling over with the log level.

 

[HungryHippos]

I've tried this but it doesn't work that well. Data can be stored using PowerShell and Data Collector sets, but the resulting data isn't really easy to chart in Kibana.

I can provide more details on the way I had it working if you want though, trust me if interested.