|
| 1 | +[[quickstart-monitor-hosts-with-otel]] |
| 2 | += Quickstart: Monitor hosts with OpenTelemetry |
| 3 | + |
| 4 | +preview::[] |
| 5 | + |
| 6 | +In this quickstart guide, you'll learn how to monitor your hosts using the Elastic Distribution of OpenTelemetry (EDOT) Collector. |
| 7 | +You'll also learn how to use {observability} features to gain deeper insight into your observability data after collecting it. |
| 8 | + |
| 9 | +[discrete] |
| 10 | +== Prerequisites |
| 11 | + |
| 12 | +* An {es} cluster for storing and searching your data, and {kib} for visualizing and managing your data. This quickstart is available for all Elastic deployment models. The quickest way to get started with this quickstart is using a trial project on {serverless-docs}/quickstart-monitor-hosts-with-otel.html[Elastic serverless]. |
| 13 | +* This quickstart is only available for Linux and MacOS systems. |
| 14 | +* A user with the **Admin** role or higher—required to onboard system logs and metrics. To learn more, refer to {cloud}/ec-user-privileges.html[User roles and privileges]. |
| 15 | +* Root privileges on the host—required to run the OpenTelemetry collector because of these components: |
| 16 | +** `hostmetrics` receiver to read all system metrics (all processes, memory, etc.). |
| 17 | +** `filelog` to allow the collector to read any user or application log files. |
| 18 | + |
| 19 | + |
| 20 | +[discrete] |
| 21 | +== Limitations |
| 22 | +Refer to https://github.com/elastic/opentelemetry/blob/main/docs/collector-limitations.md[Elastic OpenTelemetry Collector limitations] for known limitations when using the EDOT Collector. |
| 23 | + |
| 24 | +[discrete] |
| 25 | +== Collect your data |
| 26 | + |
| 27 | +Follow these steps to collect logs and metrics using the EDOT Collector: |
| 28 | + |
| 29 | +. In {kib}, go to the **Observability** UI and click **Add Data**. |
| 30 | +. Under **What do you want to monitor?** select **Host**, and then select **OpenTelemetry: Logs & Metrics**. |
| 31 | ++ |
| 32 | +[role="screenshot"] |
| 33 | +image::images/quickstart-monitor-hosts-otel-entry-point.png[Host monitoring entry point] |
| 34 | +. Select the appropriate platform. |
| 35 | +. Copy the command under step 1, open a terminal on your host, and run the command. |
| 36 | ++ |
| 37 | +This command downloads the {agent} package, extracts it in a EDOT directory. For example, `elastic-distro-8.16.0-linux-x86_64`. |
| 38 | +It also adds a sample `otel.yml` configuration file to the directory and updates the storage directory, Elastic endpoint, and API key in the file. |
| 39 | ++ |
| 40 | +The default log path is `/var/log/*.log`. To update the path, modify the `otel.yml` in the EDOT directory. |
| 41 | ++ |
| 42 | +Find additional sample `otel.yml` configuration files in the EDOT directory in the `otel_samples` folder. |
| 43 | +. Copy the command under Step 2 and run it in your terminal to start the EDOT Collector. |
| 44 | + |
| 45 | +NOTE: Logs are collected from setup onward, so you won't see logs that occurred before starting the EDOT Collector. |
| 46 | + |
| 47 | +Under **Visualize your data**, you'll see links to **Logs Explorer** to view your logs and **Hosts** to view your host metrics. |
| 48 | + |
| 49 | +[discrete] |
| 50 | +== Gain deeper insight into your host data |
| 51 | + |
| 52 | +After using the Hosts page and Discover to confirm you've ingested all the host logs and metrics you want to monitor, |
| 53 | +use Elastic {observability} to gain deeper insight into your host data with the following capabilities and features: |
| 54 | + |
| 55 | +* In the <<monitor-infrastructure-and-hosts,Infrastructure UI>>, analyze and compare data collected from your hosts. |
| 56 | +You can also: |
| 57 | +** <<inspect-metric-anomalies,Detect anomalies>> for memory usage and network traffic on hosts. |
| 58 | +** <<create-alerts,Create alerts>> that notify you when an anomaly is detected or a metric exceeds a given value. |
| 59 | +* In the <<explore-logs,Logs Explorer>>, search and filter your log data, |
| 60 | +get information about the structure of log fields, and display your findings in a visualization. |
| 61 | +You can also: |
| 62 | +** <<monitor-datasets,Monitor log data set quality>> to find degraded documents. |
| 63 | +** {kibana-ref}/xpack-ml-aiops.html#log-pattern-analysis[Run a pattern analysis] to find patterns in unstructured log messages. |
| 64 | +** <<create-alerts,Create alerts>> that notify you when an Observability data type reaches or exceeds a given value. |
| 65 | +* Use {kibana-ref}/xpack-ml.html[machine learning] to apply predictive analytics to your data: |
| 66 | +** {kibana-ref}/xpack-ml-anomalies.html[Detect anomalies] by comparing real-time and historical data from different sources to look for unusual, problematic patterns. |
| 67 | +** {kibana-ref}/xpack-ml-aiops.html#log-rate-analysis[Analyze log spikes and drops]. |
| 68 | +** {kibana-ref}/xpack-ml-aiops.html#change-point-detection[Detect change points] in your time series data. |
| 69 | + |
| 70 | +Refer to the <<observability-introduction>> for a description of other useful features. |
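Review bot: The install step (added lines 37-38) says the command writes the Elastic endpoint and API key into `otel.yml`, and the prerequisites (lines 15-17) require running the collector as root, but nothing tells the reader that this file now holds a credential. I'd add a sentence after line 38 asking readers to keep `otel.yml` readable only by the account that runs the collector, and to treat the sample files under `otel_samples` the same way if they copy the key into them. Since `filelog` runs as root with a default path of `/var/log/*.log` (line 40), it would also help to say that the path should be narrowed to the logs the reader actually wants shipped. Smaller wording points: line 37 reads "extracts it in a EDOT directory. For example, ..." which leaves a fragment, so consider "and extracts it into an EDOT directory, for example `elastic-distro-8.16.0-linux-x86_64`"; line 13 should use "macOS"; line 12 repeats "quickstart" three times; and line 52 refers to "Discover" while line 47 points the reader to "Logs Explorer", so one of the two names should be used consistently.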