Skip to content

Elasticsearch Advanced Dashboard

Video Lecture

Elasticsearch Advanced Dashboard Elasticsearch Advanced Dashboard

 (Pay Per View)

You can use PayPal to purchase a one time viewing of this video for $1.49 USD.

Pay Per View Terms

  • One viewing session of this video will cost the equivalent of $1.49 USD in your currency.
  • After successful purchase, the video will automatically start playing.
  • You can pause, replay and go fullscreen as many times as needed in one single session for up to an hour.
  • Do not refresh the browser since it will invalidate the session.
  • If you want longer-term access to all videos, consider purchasing full access through Udemy or YouTube Memberships instead.
  • This Pay Per View option does not permit downloading this video for later viewing or sharing.
  • All videos are Copyright © 2019-2025 Sean Bradley, all rights reserved.

Description

Now to install an advanced dashboard that uses both the Filebeat and Metricbeat datasources at the same time.

Now to install the 'OS stats - Linux' dashboard from https://grafana.com/grafana/dashboards/12626

Import a new dashboard using the ID 12626

Choose the correct Filebeat and Metricbeat datasources and then continue.

Not all panels will contain data, so you will need to edit the /etc/metricbeat/modules.d/system.yml file on the host running Metricbeat.

My /etc/metricbeat/modules.d/system.yml has these settings

# Module: system
# Docs: https://www.elastic.co/guide/en/beats/metricbeat/7.10/metricbeat-module-system.html

- module: system
  period: 30s
  metricsets:
      - cpu
      - load
      - memory
      - network
      - process
      - process_summary
      - socket_summary
      #- entropy
      #- core
      - diskio
      #- socket
      - service
      - users
  process.include_top_n:
      by_cpu: 5 # include top 5 processes by CPU
      by_memory: 5 # include top 5 processes by memory

- module: system
  period: 1m
  metricsets:
      - filesystem
      - fsstat
  processors:
      - drop_event.when.regexp:
            system.filesystem.mount_point: '^/(sys|cgroup|proc|dev|etc|host|lib|snap)($|/)'

- module: system
  period: 15m
  metricsets:
      - uptime
#- module: system
#  period: 5m
#  metricsets:
#    - raid
#  raid.mount_point: '/'