So, what is the ELK Stack? "ELK" is the acronym for three open source projects: Elasticsearch, Logstash, and Kibana. Elasticsearch is a search and analytics engine. Logstash is a server‑side data processing pipeline that ingests data from multiple sources simultaneously, transforms it, and then sends it to a "stash" like Elasticsearch. Kibana lets users visualize data with charts and graphs in Elasticsearch.
The Elastic Stack is the next evolution of the ELK Stack.
It started with Elasticsearch…
The open source, distributed, RESTful, JSON-based search engine. Easy to use, scalable and flexible, it earned hyper-popularity among users and a company formed around it, you know, for search.
And it grew with Logstash and KibanaA search engine at heart, users started using Elasticsearch for logs and wanted to easily ingest and visualize them. Enter Logstash, the powerful ingest pipeline, and Kibana, the flexible visualization tool.
The community got larger, the use cases more numerous
Whether it was to find the top N results in a jungle of text-based documents, analyze security events, or freely slice and dice metrics, the worldwide community kept pushing boundaries with ELK.
Then we dropped a Beat on ELK
"I just want to tail a file," users said. And we listened. In 2015, we introduced a family of lightweight, single-purpose data shippers into the ELK Stack equation. We called them Beats.
So, where did that leave ELK?
In a funny position, really. Do we call it BELK? BLEK? ELKB? The threat of acronym alphabet soupification was real. For a stack so scalable, the acronym really wasn’t.
Enter, the Elastic Stack
The same open source products users know and love, only better integrated, more powerful, easier to get started with, and brimming with possibility.