Overviewedit

Welcome to APM Server Docs.

Note

The documentation pages are still work in progress. For more details also check APM Server Github repository.

APM Server is a central component in the Elastic APM system. It receives data from APM agents and transforms them into Elasticsearch documents.

To get an overview about the whole Elastic APM system, please also have a look at the documentation for

A single APM server can handle data from multiple apps. APM Server works by exposing an HTTP server to which agents post the APM data they collect. This includes performance information about the applications, as well as errors that occur in applications.

APM Server is an application built in Go using the beats framework and as such it shares many of the same configuration options as beats.

In the following you can read more about

Securityedit

APM Server exposes a HTTP endpoint and as with anything that opens ports on your servers, you should be careful about who can connect to it. We recommend using firewall rules to ensure only authorized systems can connect.

There is also the option of setting up SSL to ensure data sent to the APM Server is encrypted.

SSL/TLS setupedit

To enable SSL/TLS you need a private key and a certificate issued by a certification authority (CA). Then you can specify the path to those files in the configuration properties apm-server.ssl.key and apm-server.ssl.certificate respectively. This will make the APM Server to serve HTTPS requests instead of HTTP. Hence, you also need to enable SSL in the agent. For agent specific details,

Secret tokenedit

You can configure a secret token which is sent with every request from the APM agents to the server. This string is used to ensure that only your agents can send data to your APM servers. Both the agents and the APM servers have to be configured with the same secret token.

Note

The usage of a secret token only provides any security when used in combination with having SSL/TLS configured.

High Availabilityedit

The API exposed by APM Server is a regular HTTP JSON API. To achieve high availability, you can place multiple instances of APM Server behind a regular HTTP load balancer, for example HAProxy or nginx.

If an instance of APM Server should fail, the load balancer will remove it from the load balancing rotation after a short period of time.

APM Server endpoint /healthcheck always returns a HTTP 200. You can configure your load balancer to send HTTP requests to this endpoint to determine if a given APM Server is up and running.

APM Server maintains a small buffer internally. Data coming from agents is kept here until it can be delivered to Elasticsearch. Under normal circumstance, data is forwarded to Elasticsearch immediately. In situations in which Elasticsearch is down briefly or in situations where there is a sudden influx of data and Elasticsearch cannot ingest it all at once, the buffer acts as a temporary storage until the data can be ingested by Elasticsearch.

This also means that if a given APM Server process fails, for example because the machine its running on experiences an issue, the data that has not yet been forwarded to Elasticsearch is lost.

Configuring Index Patternedit

The same APM Server process can handle data from multiple apps. If you want to send data from each app to separate indices, you can include the app name in the Elasticsearch index pattern in the following manner:

output.elasticsearch:
  index: "apm-%{[app.name]}-%{[beat.version]}-%{+yyyy.MM.dd}"

This will have the effect that all events end up in app-specific indices. It will enable you to set security restrictions based on your index pattern.