This is a collection of examples to help you get familiar with the Elastic Stack and X-Pack. Each example folder includes a README with detailed instructions for getting up and running with the particular example. The following information pertains to the examples repo as a whole.
You have a few options to get started with the examples:
- If you want to try them all, you can download the entire repo or, if you are familiar with Git, clone it. Then follow the instructions in the individual README of each example you're interested in.
- If you are only interested in a specific example or two, you can download the contents of just those examples: follow the instructions in the individual READMEs, or use one of the options mentioned here.
Below is the list of examples available in this repo:
- NGINX - JSON
- NGINX - common format
- NGINX Plus - JSON
- Apache access logs
- Simple recipe search app in PHP
Examples using the Elastic Stack to analyze public datasets:
- DonorsChoose.org donations
- NCEDC earthquakes data
- NYC traffic accidents
- US FEC campaign contributions
- CDC health behavior survey
- NYC restaurant health grades
X-Pack lets you set up watches (or rules) to detect and alert on changes in your Elasticsearch data. Below is a list of example watches configured to detect and alert on a few common scenarios:
- [High I/O wait on CPU](https://github.com/elastic/examples/tree/master/Alerting/cpu_iowait_hosts)
- [Critical error in logs](https://github.com/elastic/examples/tree/master/Alerting/errors_in_logs)
- [High filesystem usage](https://github.com/elastic/examples/tree/master/Alerting/filesystem_usage)
- [Lateral movement in user communication](https://github.com/elastic/examples/tree/master/Alerting/lateral_movement_in_user_comm)
- [New process started on hosts](https://github.com/elastic/examples/tree/master/Alerting/new_process_started)
- [Port scan detected](https://github.com/elastic/examples/tree/master/Alerting/port_scan)
- [Interrupted log flow from hosts](https://github.com/elastic/examples/tree/master/Alerting/system_fails_to_provide_data)
- [Trending hashtag on twitter](https://github.com/elastic/examples/tree/master/Alerting/twitter_trends)
- [Unexpected account activity](https://github.com/elastic/examples/tree/master/Alerting/unexpected_account_activity)
- Detecting DNS tunnels
- Watch history dashboard
- [Exploring attack vectors in Apache logs using Graph](https://github.com/elastic/examples/tree/master/ElasticStack_graph_apache)
- Powering recommendation using Graph
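To make the alerting scenarios above concrete, here is the detection logic behind a "port scan detected" style watch, written out in plain Python over constructed sample records. This is an added illustration, not a watch from this repo and not X-Pack code: it follows the shape a watch has (a time-windowed input, a per-source aggregation of distinct destination ports, a threshold condition, and an alert action), but the field names `source_ip`, `dest_ip` and `dest_port`, the 5-minute window, the threshold of 10 ports and all sample events are assumptions made for the example.

```python
"""Port-scan style detection over constructed connection records.

Added example (not from the elastic/examples repo). It mirrors the
structure of an X-Pack watch in plain Python:
  input       -> keep only events inside a time window
  aggregation -> per source IP, the set of distinct destination ports
  condition   -> more than `threshold` distinct ports
  action      -> one alert line per offending source
Field names, window, threshold and sample data are all assumptions.
"""
from collections import defaultdict
from datetime import datetime, timedelta, timezone


def _parse_ts(value):
    """Parse the ISO-8601 'Z' timestamps used by the constructed sample."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def _event(ts, src, dst, port):
    # Hypothetical document shape; real indices will use their own field names.
    return {"@timestamp": ts, "source_ip": src, "dest_ip": dst, "dest_port": port}


# Constructed sample data: a scanner (10.0.0.5) sweeping 12 ports, a benign
# host (10.0.0.7) reusing two ports, and a host (10.0.0.9) whose 11-port
# burst happened two hours earlier, so it falls outside a 5-minute window.
SAMPLE_EVENTS = (
    [_event(f"2017-01-10T10:00:{i:02d}Z", "10.0.0.5", "10.0.0.20", port)
     for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 139, 143, 443, 445, 3389])]
    + [_event("2017-01-10T10:01:00Z", "10.0.0.7", "10.0.0.20", 443),
       _event("2017-01-10T10:01:05Z", "10.0.0.7", "10.0.0.20", 80),
       _event("2017-01-10T10:01:09Z", "10.0.0.7", "10.0.0.21", 443),
       _event("2017-01-10T10:01:15Z", "10.0.0.7", "10.0.0.20", 443)]
    + [_event(f"2017-01-10T08:00:{i:02d}Z", "10.0.0.9", "10.0.0.30", 1000 + i)
       for i in range(11)]
)

# The moment the (hypothetical) scheduled watch fires.
WINDOW_END = _parse_ts("2017-01-10T10:05:00Z")


def find_port_scanners(events, window_end, window_minutes=5, threshold=10):
    """Return {source_ip: sorted distinct dest ports} for every source that
    touched more than `threshold` distinct destination ports in the window
    [window_end - window_minutes, window_end]."""
    window_start = window_end - timedelta(minutes=window_minutes)
    ports_by_source = defaultdict(set)
    for ev in events:                                   # input: time filter
        ts = _parse_ts(ev["@timestamp"])
        if window_start <= ts <= window_end:
            ports_by_source[ev["source_ip"]].add(ev["dest_port"])  # aggregation
    return {src: sorted(ports)                          # condition: threshold
            for src, ports in ports_by_source.items() if len(ports) > threshold}


def alert_lines(scanners):
    """Action: render one alert line per offending source, sorted by IP."""
    return [f"port scan suspected from {src}: {len(ports)} distinct ports "
            f"({ports[0]}-{ports[-1]})"
            for src, ports in sorted(scanners.items())]


if __name__ == "__main__":
    for line in alert_lines(find_port_scanners(SAMPLE_EVENTS, WINDOW_END)):
        print(line)
```

Two things worth noticing when tuning such a watch: the window and the threshold interact, so widening the window to three hours in the sample above pulls the stale 10.0.0.9 burst back into scope, and the distinct-port count (not the raw event count) is what separates the scanner from the benign host that repeatedly hits the same two ports.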