We are deploying multiple instances of ELK to monitor a wide range of applications and infrastructure across varying customer types and sizes.
We require automation for agent deployment / API / ingest pipelines / dashboard builds, beginning with the following:
• Office 365
• Windows Server
• Commvault Commcell
• VCloud Director
• Fortigate FW
Dashboards should be designed to most intuitively show the most valuable insights for each of the items listed above. They should include metrics and logs.
Each finished module will consist of:
• Kibana JSON objects for index-pattern, visualizations and dashboards
• Logstash pipeline configuration (or Elasticsearch ingest pipeline - but logstash is preferred)
• Elasticsearch index template
• Data source(s), one or more of:
- API connector in Python or Golang
- Beats input/processor configuration blocks
- Custom beat implementation based on libbeat
- Logstash input plugin in Ruby
Artefacts should be amenable to centralised management/deployment with Ansible, whether through templated logstash/beats configuration or POSTing to the Kibana saved objects API. All work must be compatible with ELK 7.1.1-oss. Where existing code is leveraged, it should be BSD / Apache licensed or similar - GPL-type licenses are acceptable if necessary but must be isolated. Proprietary-licensed code must not be used, eg the Elastic license.