Elasticsearch deployment (clustered or single-node) with Helm:
helm repo add elastic https://helm.elastic.co
helm install elasticsearch elastic/elasticsearch -n logging --create-namespace
This will also need a script that tails nginx logs and sends them to Elasticsearch.
Research:
- Index design: mapping fields (IP, bytes, URL, UA, GeoIP).
- How to use ILM (Index Lifecycle Management) for retention policies.
- Kibana vs Grafana ES plugin (how to query logs).
- GeoIP enrichment libraries (Python geoip2 or Logstash-style enrichment if you ever move off custom script).
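A starting point for the shipping script and the index design above, as an added example rather than code from these notes. It assumes nginx's default "combined" log format and a hypothetical index name `nginx-access`, and it only builds the `_bulk` request body (no network call):

```python
import ipaddress
import json
import re
from datetime import datetime

INDEX = "nginx-access"  # assumed index name, not from the notes
# Assumed mapping (body for PUT /<index>); "geo" is filled by a later GeoIP step.
MAPPING = {"mappings": {"properties": {
    "@timestamp": {"type": "date"},
    "client_ip": {"type": "ip"},
    "url": {"type": "keyword", "ignore_above": 2048},
    "status": {"type": "short"},
    "bytes": {"type": "long"},
    "user_agent": {"type": "text"},
    "geo": {"properties": {"location": {"type": "geo_point"}}},
}}}
# nginx default "combined" log_format
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<url>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "[^"]*" "(?P<ua>[^"]*)"')

def parse_line(line):
    """Return an index-ready dict, or None if the line would be rejected."""
    m = COMBINED.match(line)
    if m is None:
        return None
    try:
        ipaddress.ip_address(m["ip"])  # "ip" fields reject non-addresses
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    except ValueError:
        return None
    return {"@timestamp": ts.isoformat(), "client_ip": m["ip"],
            "url": m["url"], "status": int(m["status"]),
            "bytes": 0 if m["bytes"] == "-" else int(m["bytes"]),
            "user_agent": m["ua"]}

def to_bulk(lines):
    """Build an NDJSON body for the _bulk API; returns (body, skipped_count)."""
    out, skipped = [], 0
    for line in lines:
        doc = parse_line(line)
        if doc is None:
            skipped += 1
            continue
        # json.dumps escapes control characters, so a logged value cannot break NDJSON framing
        out += [json.dumps({"index": {"_index": INDEX}}), json.dumps(doc)]
    return "".join(row + "\n" for row in out), skipped

SAMPLE = [  # constructed lines, not real traffic
    '203.0.113.7 - - [01/May/2024:12:00:00 +0000] "GET /a HTTP/1.1" 200 612 "-" "curl/8.5.0"',
    "not a log line"]
```

The returned body is what gets POSTed to `/_bulk` with `Content-Type: application/x-ndjson`; the skipped count is worth exporting as a metric so parse failures are visible.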