{"id":28075,"date":"2022-12-17T04:01:28","date_gmt":"2022-12-16T23:01:28","guid":{"rendered":"https:\/\/kmwllc.com\/?p=28075"},"modified":"2025-06-02T20:16:07","modified_gmt":"2025-06-02T15:16:07","slug":"ingesting-solr-logs-with-the-elk-stack","status":"publish","type":"post","link":"https:\/\/kmwllc.com\/index.php\/2022\/12\/17\/ingesting-solr-logs-with-the-elk-stack\/","title":{"rendered":"Ingesting Solr Logs with the ELK Stack"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"28075\" class=\"elementor elementor-28075\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-63301b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"63301b1\" data-element_type=\"section\" data-e-type=\"section\">\r\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\"><div class=\"elementor-row\">\r\n\t\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-a1bd42c\" data-id=\"a1bd42c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-da35c3f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-post-info\" data-id=\"da35c3f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-info.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<ul class=\"elementor-inline-items elementor-icon-list-items elementor-post-info\">\n\t\t\t\t\t\t\t\t<li class=\"elementor-icon-list-item elementor-repeater-item-8e1b090 elementor-inline-item\" itemprop=\"datePublished\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<span class=\"elementor-icon-list-text elementor-post-info__item elementor-post-info__item--type-date\">\n\t\t\t\t\t\t\t\t\t\t<time>December 17, 2022<\/time>\t\t\t\t\t<\/span>\n\t\t\t\t\t\t\t\t<\/li>\n\t\t\t\t<\/ul>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-395589d flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"395589d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"styled-subtitle elementor-heading-title elementor-size-default\">When it comes to analyzing Solr logs, Solr does have some out of the box tools. However, we\u2019ve found that those tools don\u2019t give a lot of options for creating rich visual analysis, and don't offer a way to analyze logs in real time. So what do we do? We turn to another open-source platform: Elastic.<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4592adc elementor-author-box--image-valign-top flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-author-box\" data-id=\"4592adc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"author-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-author-box\">\n\t\t\t\t\t\t\t<div  class=\"elementor-author-box__avatar\">\n\t\t\t\t\t<img src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2023\/01\/Kira3-1-300x300.jpg\" alt=\"Picture of Kira Traynor\" loading=\"lazy\">\n\t\t\t\t<\/div>\n\t\t\t\n\t\t\t<div class=\"elementor-author-box__text\">\n\t\t\t\t\t\t\t\t\t<div >\n\t\t\t\t\t\t<div class=\"elementor-author-box__name\">\n\t\t\t\t\t\t\tKira Traynor\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-author-box__bio\">\n\t\t\t\t\t\t<p>Search Engineer at KMW Technology<\/p>\n\t\t\t\t\t<\/div>\n\t\t\t\t\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9068a13 elementor-widget-divider--view-line flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-divider\" data-id=\"9068a13\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f22d0cd flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"f22d0cd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3aea284 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"3aea284\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Introduction<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a3ad63f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"a3ad63f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Have you ever needed to find out more about what&#8217;s going on with your Solr deployment?\u00a0 The Solr Admin UI is great at communicating the overall health of the cluster, how the cores are doing and validating configuration. But sometimes you need to go a bit deeper to understand:<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">What&#8217;s my query latency?<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">How long are commits taking?<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Is Solr throwing any errors?<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">What queries are returning zero results?<\/span><\/li><\/ul><p><span style=\"font-weight: 400;\">When we need to know more, we need to look at the logs.<\/span><\/p><p><span style=\"font-weight: 400;\">The ability to analyze log files is foundational to monitoring the success of your Solr cloud deployment. Log files consist of <\/span><i><span style=\"font-weight: 400;\">events<\/span><\/i><span style=\"font-weight: 400;\"> that are logged with a date, timestamp, event level (warning, error, info, etc.) and event detail. The information contained in the logs give you insight into what is happening within your system.\u00a0<\/span><\/p><p><span style=\"font-weight: 400;\">At KMW Technology, we focus on utilizing open-source software in our search solutions in order to support and contribute to community-driven development. As such, we have a lot of expertise in working with Solr. When it comes to analyzing Solr logs, Solr does have some out of the box tools. However, we\u2019ve found that those tools don\u2019t give a lot of options for creating rich visual analysis. We\u2019ve also found there\u2019s no great way to analyze logs in real time. So what do we do? We turn to another open-source platform: Elastic. Using Elastic\u2019s ELK stack, we can ingest Solr log files and leverage tools like Kibana to query and visualize what\u2019s happening in Solr.<\/span><\/p><p><span style=\"font-weight: 400;\">In this post, we\u2019ll go over how to use Elasticsearch and its tools within the ELK stack to query, analyze and visualize your Solr logs. It&#8217;s easier than you might think!<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f2e09fa flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"f2e09fa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-456081b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"456081b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">The ELK Stack<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ceac66d flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"ceac66d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The four components of the <a href=\"https:\/\/www.elastic.co\/what-is\/elk-stack\">ELK stack<\/a> are: <\/span><b>E<\/b><span style=\"font-weight: 400;\">lasticsearch<\/span><b>, L<\/b><span style=\"font-weight: 400;\">ogstash, <\/span><b>K<\/b><span style=\"font-weight: 400;\">ibana, and Beats. The process begins with Beats, a platform with multiple different data shippers. Filebeat is one of these data shippers, and setting up Filebeat is the first step to ingesting your logs. Once Filebeat is hooked into your Solr logs, your log data can then be shipped to Logstash which will ingest the logs. When Logstash ingests and parses the log data, create an index in Elasticsearch and add the logs to this index. Once Elasticsearch has all the data, you can use Kibana to query your log data and create visualizations that aid in your analysis.<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bb09f3e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"bb09f3e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-100498f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-image\" data-id=\"100498f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" width=\"1024\" height=\"267\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/elk_stack_log_analysis-1024x267.png\" class=\"attachment-large size-large wp-image-28330\" alt=\"\" srcset=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/elk_stack_log_analysis-1024x267.png 1024w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/elk_stack_log_analysis-300x78.png 300w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/elk_stack_log_analysis-768x200.png 768w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/elk_stack_log_analysis.png 1055w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-35098e5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"35098e5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-542d17f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"542d17f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">\nThe Process<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-72e5dea flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"72e5dea\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Installing &amp; Configuring ELK<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e5c7c12 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"e5c7c12\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>Install the following products:<\/p><ul><li aria-level=\"1\"><a href=\"https:\/\/www.elastic.co\/downloads\/past-releases#elasticsearch\">Elasticsearch<\/a><\/li><li aria-level=\"1\"><a href=\"https:\/\/www.elastic.co\/downloads\/past-releases#logstash\">Logstash<\/a><\/li><li aria-level=\"1\"><a href=\"https:\/\/www.elastic.co\/downloads\/past-releases#kibana\">Kibana<\/a><\/li><li aria-level=\"1\"><a href=\"https:\/\/www.elastic.co\/downloads\/past-releases#filebeat\">Filebeat<\/a><\/li><\/ul><p>Ensure that each of the downloaded products are compatible with each other, i.e. all have the version 8.4.2. You can find the compatibility matrix\u00a0<a href=\"https:\/\/www.elastic.co\/support\/matrix#matrix_compatibility\">here.<\/a><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9ca01a5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"9ca01a5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7de389b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"7de389b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Pointing Filebeat at Your Logs<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f271694 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"f271694\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Filebeat\u2019s role will be to monitor the files that are in a defined input location and send them to a defined output location. In this case, the input will be the path to your Solr logs and the output will be Logstash.<\/span><\/p><p><span style=\"font-weight: 400;\">You can choose to either actively monitor your logs in real time or ingest a saved set of logs that came from a certain time period. In either scenario, the Filebeat setup will be the same. However, if you are not monitoring your logs in real time Filebeat only has to run once and can be terminated when it has finished. Otherwise, Filebeat should be left running so that it can continue to send log updates in real time.<\/span><\/p><p><span style=\"font-weight: 400;\">Within the downloaded Filebeat package, find <\/span><b>filebeat.yml<\/b><span style=\"font-weight: 400;\">.<\/span><\/p><ol><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Add the path(s) to your Solr logs under the<\/span><b> filebeat.inputs<\/b><span style=\"font-weight: 400;\"> section and set enabled to true. You can use <\/span><b>glob<\/b><span style=\"font-weight: 400;\"> to match multiple logs.<\/span><\/li><\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0b2677c flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"0b2677c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>filebeat.inputs:\r\n- type: log\r\n  # Change to true to enable this input configuration.\r\n  enabled: true\r\n  # Paths that should be crawled and fetched. Glob based paths.\r\n  paths:\r\n    - \/Downloads\/Logs\/SolrLogs\/solr.log*<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-314511e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"314511e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<ol start=\"2\">\n \t<li aria-level=\"1\">Under the Kibana section, make sure that the Kibana host is set to your specific Kibana host. You do not need to set anything for the Elasticsearch output.<\/li>\n<\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1aa4cac flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"1aa4cac\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>setup.kibana:\r\n  # Kibana Host\r\n  host: \"localhost:5601\"<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-44a2ef7 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"44a2ef7\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<ol start=\"3\">\n \t<li aria-level=\"1\">Since we want to connect it to Logstash, set the output accordingly. Make sure output.elasticsearch is not set to anything and output.logstash is set:<\/li>\n<\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8c7ff30 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"8c7ff30\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>output.logstash:\r\n  # The Logstash hosts\r\n  hosts: [\"0.0.0.0:5044\"]<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3401e9e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"3401e9e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><i>Note<\/i>: there are other sections of Filebeat that can be configured, but for this example we are leaving these sections set according to the values that are pre-loaded when you first install Filebeat.<\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-917cb9e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"917cb9e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ee56829 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"ee56829\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Configuring Logstash<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f6101ca flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"f6101ca\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Logstash is an ETL tool that requires some initial configuration. It is the pipeline that takes files from Filebeat, ingests and transforms the data so that it can be indexed, and sends it to Elasticsearch to be made searchable.\u00a0<\/span><\/p><p><span style=\"font-weight: 400;\">Logstash has to be configured accordingly to ensure that the data that is in your logs is captured and made searchable as fits your needs. This means identifying what content from the Solr log files is important to retain and what might not be necessary. In the below example, we will walk through what we consider a basic Logstash configuration for Solr log ingestion\u2013 but be aware that your use case might be different.<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5db1562 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"5db1562\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-147f8dc flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"147f8dc\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Setting up the Pipeline<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4250d4e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"4250d4e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">The first step is to set up the pipeline for Logstash. As you\u2019ll see below, you will use Grok to match and filter the content in the logs. Grok is similar to regular expression in that it is a search pattern that can be matched to text. This will allow you to set values to fields. Some documentation and examples of Grok statements from Elasticsearch can be found <\/span><a href=\"https:\/\/www.elastic.co\/guide\/en\/elasticsearch\/reference\/current\/grok-processor.html\"><span style=\"font-weight: 400;\">here<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p><p><span style=\"font-weight: 400;\">Within the installed Logstash package, locate the <\/span><b>conf\/logstash-sample.conf<\/b><span style=\"font-weight: 400;\"> file. There should be an inputs and an outputs section.<\/span><\/p><ol><li><span style=\"font-weight: 400;\"><strong>Add a filter section after the inputs<\/strong>. This will be where you can create Grok statements to filter and match the data that you want from your logs. The following code matches the <\/span><i><span style=\"font-weight: 400;\">time<\/span><\/i><span style=\"font-weight: 400;\"> and<\/span><i><span style=\"font-weight: 400;\"> log level<\/span><\/i><span style=\"font-weight: 400;\"> from Solr logs and sets those values to the LogTime and level fields.<\/span><span style=\"font-weight: 400;\"> Use the Grok debugger from Kibana to check if the Grok statements are matching the correct data.<br \/><\/span><br \/>\u00a0Additionally, you can add Grok that looks like the example below, which will match the basic log configuration for Solr logs. Keep in mind you can also match error level logs and garbage collection logs.<\/li><\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cde19d4 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"cde19d4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard word-wrap\">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp> if \"INFO\" in [level] {\r\n   grok {\r\n     match => [\r\n       \"message\", \"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\] %{DATA} \\[%{WORD:core_node_name_s}\\] %{SPACE} webapp=\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\{%{DATA:params}\\} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\",\r\n       \"message\", \"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\] %{DATA} \\[%{WORD:core_node_name_s}\\] %{SPACE} webapp=\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\{%{DATA:params}\\} hits=%{NUMBER:hits_i} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\",\r\n       \"message\", \"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\] %{DATA} \\[%{WORD:core_node_name_s}\\] %{SPACE} webapp=\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\{%{GREEDYDATA:params}\\} %{NUMBER:status_i} %{NUMBER:qtime_i}\"\r\n     ]\r\n     tag_on_failure => []\r\n   }\r\n   if [params] {\r\n     kv {\r\n       field_split_pattern => \"&|}{\"\r\n       source => \"params\"\r\n     }\r\n} <\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4f8ad79 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"4f8ad79\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<ol start=\"2\"><li><strong>Configure the output.<\/strong><ol><li><span style=\"font-weight: 400;\">Set Elasticsearch host to <code>\"https:\/\/localhost:9200\"<\/code><span style=\"font-weight: 400;\">&#8220;<\/span><\/span><\/li><li><span style=\"font-weight: 400;\">Set the template to the path. We will set up the template (mapping) after this.\u00a0<\/span><\/li><li><span style=\"font-weight: 400;\">Set index name<\/span><\/li><li><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Set the user and password from your elasticsearch or ssl_certificate_verification<\/span><\/span><\/li><\/ol><\/li><\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-977f807 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"977f807\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9c668ea flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"9c668ea\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Defining the Mappings (Index Template)<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-644104c flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"644104c\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Since you\u2019re familiar with Solr, you know that a collection <\/span><i><span style=\"font-weight: 400;\">schema<\/span><\/i><span style=\"font-weight: 400;\"> declares the fields and corresponding data types per field. In Elasticsearch, a schema is referred to as a <\/span><i><span style=\"font-weight: 400;\">mapping<\/span><\/i><span style=\"font-weight: 400;\">, and the mapping is applied to a specific <\/span><i><span style=\"font-weight: 400;\">index<\/span><\/i><span style=\"font-weight: 400;\">. A Logstash index template is needed in order to define the mappings that Elasticsearch will use to create an index of your Solr log files.<\/span><\/p><p><span style=\"font-weight: 400;\">Keep in mind that index templates are only applied at index creation or during a re-index.<\/span><\/p><p><span style=\"font-weight: 400;\">If you don\u2019t specify mappings for each of the fields that you are matching from the Grok statements, Elasticsearch will still ingest the logs and assume a type for each field. This can be problematic if Elasticsearch assumes the wrong field type. For example, if a field with an integer type is ingested as a string type you will not be able to represent it in the correct way in a Kibana graph using minimums, maximums, averages or other mathematical operations.<\/span><\/p><p><span style=\"font-weight: 400;\">To start making a template, create a JSON file using the example template below. The name and path has to be whatever you set your template to in the pipeline above. There are two main components to the index template.<\/span><\/p><ol><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Include your <code>index_patterns<\/code><\/span><span style=\"font-weight: 400;\">\u00a0to match the indices you want.<\/span><\/li><li><span style=\"font-weight: 400;\"><span style=\"font-weight: 400;\">Include the <code>mappings<\/code> map. This part includes the mapping of the fields to their data type. Since you already set up your pipeline in the section above, you know what fields you are matching from the logs. For each of the fields, determine what data type they should be. For example, if you are matching query time values in your log and you called the field <code>qtime_i<\/code> because it is an integer value, you should add this to your mappings. From Elasticsearch\u2019s documentation, <a href=\"https:\/\/www.elastic.co\/guide\/en\/elasticsearch\/reference\/8.4\/mapping-types.html\">here<\/a> are all the different types that you can include in your mapping. Each field can only have one data type.<\/span><\/span><\/li><\/ol>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2e5d380 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"2e5d380\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>\"qtime_i\":{\r\n    \"type\": \"integer\",\r\n    \"fields\":{\r\n        \"keyword\":{\r\n            \"type\": \"keyword\", \r\n            \"ignore_above\": 256\r\n        }\r\n    }\r\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-74af05d flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"74af05d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>\u00a0<\/p><p><span style=\"font-weight: 400;\">The whole template will look something like what is below.<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-08389d6 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"08389d6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard word-wrap\">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>{\r\n \"template\": \"solr-logs-template\",\r\n \"index_patterns\": [\"solr-logs*\"],\r\n \"mappings\" : {\r\n   \"properties\" : {\r\n     \"@timestamp\" : {\r\n       \"type\" : \"date\"\r\n     },\r\n     \"@version\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"LogTime\" : {\r\n       \"type\" : \"date\",\r\n       \"format\" : \"yy-MM-dd HH:mm:ss.SSS\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"agent\" : {\r\n       \"properties\" : {\r\n         \"ephemeral_id\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"hostname\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"id\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"type\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"version\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         }\r\n       }\r\n     },\r\n     \"commit\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"core_node_name_s\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"ecs\" : {\r\n       \"properties\" : {\r\n         \"version\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         }\r\n       }\r\n     },\r\n     \"file\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"fl\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"hits_i\" : {\r\n       \"type\" : \"integer\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"host\" : {\r\n       \"properties\" : {\r\n         \"architecture\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"hostname\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"id\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"name\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"os\" : {\r\n           \"properties\" : {\r\n             \"build\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             },\r\n             \"family\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             },\r\n             \"kernel\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             },\r\n             \"name\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             },\r\n             \"platform\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             },\r\n             \"version\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             }\r\n           }\r\n         }\r\n       }\r\n     },\r\n     \"input\" : {\r\n       \"properties\" : {\r\n         \"type\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         }\r\n       }\r\n     },\r\n     \"level\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"log\" : {\r\n       \"properties\" : {\r\n         \"file\" : {\r\n           \"properties\" : {\r\n             \"path\" : {\r\n               \"type\" : \"text\",\r\n               \"fields\" : {\r\n                 \"keyword\" : {\r\n                   \"type\" : \"keyword\",\r\n                   \"ignore_above\" : 256\r\n                 }\r\n               }\r\n             }\r\n           }\r\n         },\r\n         \"flags\" : {\r\n           \"type\" : \"text\",\r\n           \"fields\" : {\r\n             \"keyword\" : {\r\n               \"type\" : \"keyword\",\r\n               \"ignore_above\" : 256\r\n             }\r\n           }\r\n         },\r\n         \"offset\" : {\r\n           \"type\" : \"long\"\r\n         }\r\n       }\r\n     },\r\n     \"message\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"params\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"path_s\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"q\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"qt\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"qtime_i\" : {\r\n       \"type\" : \"integer\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"rows\" : {\r\n       \"type\" : \"integer\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"status_i\" : {\r\n       \"type\" : \"integer\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"tags\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"version\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"webapp_s\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"threads_stopped_for_seconds_i\" : {\r\n       \"type\" : \"float\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     },\r\n     \"wt\" : {\r\n       \"type\" : \"text\",\r\n       \"fields\" : {\r\n         \"keyword\" : {\r\n           \"type\" : \"keyword\",\r\n           \"ignore_above\" : 256\r\n         }\r\n       }\r\n     }\r\n   }\r\n }\r\n}\r\n\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7073332 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"7073332\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-1ded788 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"1ded788\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Running ELK<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-80c5e2f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"80c5e2f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Now that setup has been completed, you\u2019re ready to run all four parts: Elasticsearch, Kibana, Logstash, Filebeat.<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Run Elasticsearch.\u00a0 From the Elasticsearch package run <code>[.\/bin\/elasticsearch]<\/code>. Elasticsearch will be found at <code>[https:\/\/localhost:9200]<\/code><\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Running Kibana may be useful during the configuration of Logstash for the Grok debugger. Be aware that you need to have Elasticsearch running in order to run Kibana. From the Kibana package run <code>[.\/bin\/kibana]<\/code>. Kibana will be found at <code>[http:\/\/localhost:5601].<\/code>This is where you will be doing the data querying and visualization.<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Run Logstash to create the index. From the Logstash package run <code>[.\/bin\/logstash -f logstash.conf]<\/code> where <code>logstash.conf<\/code> is the configuration file we created above.<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Run Filebeat to monitor the logs and send to Logstash. From the Filebeat package run <code>[.\/filebeat -e]<\/code>.\u00a0<\/span><\/li><\/ul><p><span style=\"font-weight: 400;\">Filebeat and Logstash only need to run once unless you are monitoring logs in real time.<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f34f842 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"f34f842\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ac9557 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"3ac9557\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-large\">Querying and Visualizing<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-aff954b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"aff954b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Goals for Analyzing Logs<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ef0192 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"6ef0192\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Depending on the use case, you can focus on different things when querying and visualizing logs. Some questions can be answered by querying Kibana, while in other circumstances setting up a visualization is more helpful. Since you are already interested in log analysis you probably have some specific metrics in mind, but some common analysis goals include:<\/span><\/p><ul><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Seeing how long garbage collection takes<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Knowing how many searches have been run over a given time (per minute\/hour\/week)?<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Identifying the queries that take the longest time to execute<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Identifying most common queries issued to a collection<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Visualizing spikes in query traffic\u00a0<\/span><\/li><li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Seeing how often commits are occurring<\/span><\/li><\/ul>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-133a476 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"133a476\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ec0e076 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"ec0e076\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Example Queries against Elasticsearch Index<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-07893d8 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"07893d8\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Querying against your newly created index is simple with Kibana. Go to the menu on the top left and scroll all the way down to Management\/Dev Tools. From here you can create queries in the Console and test your Grok statements in the Grok Debugger. For help understanding the specific query syntax, here is some <\/span><a href=\"https:\/\/www.elastic.co\/guide\/en\/elasticsearch\/reference\/current\/query-dsl.html\"><span style=\"font-weight: 400;\">documentation<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p><p><span style=\"font-weight: 400;\">There are some simple queries that you can use to start off with:<\/span><\/p><p><em>To get all the indices so you can ensure the index was created:\u00a0<\/em><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-de6ee2a flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"de6ee2a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-sql \">\n\t\t\t\t<code readonly=\"true\" class=\"language-sql\">\n\t\t\t\t\t<xmp>GET _cat\/indices<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-76b7eda flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"76b7eda\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>\u00a0<\/p><p><em><span style=\"font-weight: 400;\">To get all information from one index:\u00a0 <\/span><\/em><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7816561 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"7816561\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>GET \/<index-name>\/_search \n{\n  \"query\": {\n    \"match_all\": {}\n  }\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9326ac5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"9326ac5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>\u00a0<\/p><p><em>Finding the longest-running search:<\/em><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c2d2c03 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"c2d2c03\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>GET \/<index-name>\/_search \r\n{\r\n  \"query\": {\r\n    \"bool\": {\r\n      \"must\": [\r\n        {\r\n          \"term\": {\r\n            \"path_s.keyword\": {\r\n              \"value\": \"\/select\"\r\n            }\r\n          }\r\n        }\r\n      ]\r\n    }\r\n  },\r\n  \"aggs\": {\r\n    \"doc_with_max_qTime\": {\r\n      \"top_hits\": {\r\n        \"sort\": [\r\n          {\r\n            \"qtime_i\": {\r\n              \"order\": \"desc\"\r\n            }\r\n          }\r\n        ],\r\n        \"size\": 1\r\n      }\r\n    }\r\n  },\r\n  \"size\": 0\r\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9a5e552 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"9a5e552\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>\u00a0<\/p><p><em>Finding the most common query:<\/em><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4422572 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"4422572\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>GET \/<index-name>\/_search \r\n{\r\n  \"aggs\": {\r\n    \"frequent_query\": {\r\n      \"terms\": {\r\n        \"field\": \"q.keyword\"\r\n      }\r\n    }\r\n  },\r\n  \"size\": 0\r\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b8ff8c5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"b8ff8c5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p>\u00a0<\/p><p><em><span style=\"font-weight: 400;\">Finding percentiles (aggregating on query time):<\/span><\/em><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6ca9ee1 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\" data-id=\"6ca9ee1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language- \">\n\t\t\t\t<code readonly=\"true\" class=\"language-\">\n\t\t\t\t\t<xmp>GET \/<index-name>\/_search \n{\n  \"aggs\": {\n    \"qTime_percentiles\": {\n      \"percentiles\": {\n        \"field\": \"qtime_i\",\n        \"percents\": [\n          90,\n          95,\n          99\n        ]\n      }\n    }\n  },\n  \"size\": 0\n}<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-04fc183 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"04fc183\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-df5deda flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"df5deda\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-medium\">Example Visualizations with Kibana<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-4950ffb flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"4950ffb\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">Once you understand the data that you are looking at, you can create a dashboard with visualizations. Create a visualization by navigating to Analytics -&gt; Discover or Analytics&nbsp; -&gt; Dashboard if you already know what you\u2019d like to make up a dashboard. <\/span><\/p><p><span style=\"font-weight: 400;\">The ability to create visualizations with Kibana is one of our favorite reasons to look at Solr logs using Elastic stack. It is easy to create dashboards that convey a lot of information in an easily digestible manner. While it is possible to use grep commands in a console to see commits per collection, you can see in this example that a visualization is a lot easier to understand than the results you would get from grep.<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c506698 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-image\" data-id=\"c506698\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img width=\"1024\" height=\"642\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/KibanaLogExample-1024x642.png\" class=\"attachment-large size-large wp-image-28412\" alt=\"\" srcset=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/KibanaLogExample-1024x642.png 1024w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/KibanaLogExample-300x188.png 300w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/KibanaLogExample-768x482.png 768w, https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/KibanaLogExample.png 1159w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c4507d3 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"c4507d3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-49d5daa flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"49d5daa\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-large\">Conclusion<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f6ac032 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-text-editor\" data-id=\"f6ac032\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-text-editor elementor-clearfix\">\r\n\t\t\t\t\t\t<p><span style=\"font-weight: 400;\">While there is a bit of up-front work required with this approach, the payoff is having a great way to look at your Solr logs both in real time or as needed. Let us know what type of questions you hope to answer when looking at your Solr logs, and if you have other approaches that you prefer.<\/span><\/p><p><span style=\"font-weight: 400;\">If you\u2019re experiencing issues with your Solr (or Elasticsearch, or Opensearch) cluster or need help interpreting your logs, please contact us!\u00a0<\/span><\/p>\t\t\t\t\t\t\t<\/div>\r\n\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-192510c elementor-hidden-tablet elementor-hidden-mobile\" data-id=\"192510c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap\">\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-1f6e963\" data-id=\"1f6e963\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-421c760 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"421c760\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"title-h6 elementor-heading-title elementor-size-small\">Share post<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d970719 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-thegem-social-sharing\" data-id=\"d970719\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"thegem-social-sharing.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\n        <div id=\"thegem-custom-69d72ee1306d31099\" class=\"thegem-te-socials-sharing socials-sharing--left socials-sharing--simple socials-sharing--tiny\">\n            <div class=\"socials-sharing\">\n                <ul>\n\t\t\t\t\t                        <li><a class=\"socials-item facebook\" target=\"_blank\" href=\"https:\/\/www.facebook.com\/sharer\/sharer.php?u=https%3A%2F%2Fkmwllc.com%2Findex.php%2Fwp-json%2Fwp%2Fv2%2Fposts%2F28075\" title=\"Facebook\"><i class=\"socials-item-icon facebook\"><\/i><\/a><\/li>\n\t\t\t\t\t\n\t\t\t\t\t                        <li><a class=\"socials-item twitter\" target=\"_blank\" href=\"https:\/\/twitter.com\/intent\/tweet?text=&#038;url=https%3A%2F%2Fkmwllc.com%2Findex.php%2Fwp-json%2Fwp%2Fv2%2Fposts%2F28075\" title=\"Twitter\"><i class=\"socials-item-icon twitter\"><\/i><\/a><\/li>\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t                        <li><a class=\"socials-item linkedin\" target=\"_blank\" href=\"https:\/\/www.linkedin.com\/shareArticle?mini=true&#038;url=https%3A%2F%2Fkmwllc.com%2Findex.php%2Fwp-json%2Fwp%2Fv2%2Fposts%2F28075&#038;title=&amp;summary=\" title=\"LinkedIn\"><i class=\"socials-item-icon linkedin\"><\/i><\/a><\/li>\n\t\t\t\t\t\n\t\t\t\t\t                        <li><a class=\"socials-item reddit\" target=\"_blank\" href=\"https:\/\/www.reddit.com\/submit?url=https%3A%2F%2Fkmwllc.com%2Findex.php%2Fwp-json%2Fwp%2Fv2%2Fposts%2F28075&#038;title=\" title=\"Reddit\"><i class=\"socials-item-icon reddit\"><\/i><\/a><\/li>\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t\n\t\t\t\t\t                        <li><a class=\"socials-item threads\" target=\"_blank\" href=\"https:\/\/www.threads.net\/intent\/post?text=https%3A%2F%2Fkmwllc.com%2Findex.php%2Fwp-json%2Fwp%2Fv2%2Fposts%2F28075\" title=\"Threads\"><i class=\"socials-item-icon threads\"><\/i><\/a><\/li>\n\t\t\t\t\t                <\/ul>\n            <\/div>\n        <\/div>\n\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e841371 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"e841371\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e2adb0d flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\" data-id=\"e2adb0d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"title-h6 elementor-heading-title elementor-size-small\">More From the KMW Blog<\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2c3c63f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-thegem-bloglist\" data-id=\"2c3c63f\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;thegem_elementor_preset&quot;:&quot;compact-tiny-2&quot;,&quot;source&quot;:[&quot;posts&quot;],&quot;exclude_blog_posts&quot;:[&quot;28075&quot;],&quot;query_type&quot;:&quot;post&quot;,&quot;exclude_blog_posts_type&quot;:&quot;manual&quot;,&quot;order_by&quot;:&quot;default&quot;,&quot;order&quot;:&quot;default&quot;,&quot;items_per_page&quot;:8}\" data-widget_type=\"thegem-bloglist.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t<div class=\"bloglist blog clearfix  blog-style-compact-tiny-2   \" data-page=\"1\" data-paged=\"1\" data-next-page=\"2\" data-pages-count=\"3\" data-load-more-action=\"thegem_bloglist_load_more\">\n\t\t\t\r\n<article id=\"post-30279\" class=\"post-item clearfix post-30279 post type-post status-publish format-standard has-post-thumbnail category-elasticsearch category-lucene category-performance\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2026\/01\/10\/the-mystery-of-elasticsearch-8-17-query-performance-degradation\/\"><img width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2026\/01\/blog_elasticperftest_900x1200-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_elasticperftest_900x1200\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2026\/01\/10\/the-mystery-of-elasticsearch-8-17-query-performance-degradation\/\" rel=\"bookmark\">The Mystery of Elasticsearch 8.17 Query Performance Degradation<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Henry Caldwell<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">January 10, 2026<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-30279 -->\r\n\r\n<article id=\"post-30125\" class=\"post-item clearfix post-30125 post type-post status-publish format-standard has-post-thumbnail category-ai category-performance category-relevancy category-search category-uncategorized\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2025\/10\/04\/whats-the-best-way-to-do-entity-extraction-for-search\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2025\/10\/blogpost_entityex-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blogpost_entityex\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2025\/10\/04\/whats-the-best-way-to-do-entity-extraction-for-search\/\" rel=\"bookmark\">What&#8217;s the best way to do entity extraction for search?<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Jacob Squatrito<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">October 4, 2025<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-30125 -->\r\n\r\n<article id=\"post-30155\" class=\"post-item clearfix post-30155 post type-post status-publish format-standard has-post-thumbnail category-ai\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2025\/05\/20\/mcp-in-llm-apps-overkill-or-integral\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2025\/05\/blog_mcp_1200x900_min-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_mcp_1200x900_min\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2025\/05\/20\/mcp-in-llm-apps-overkill-or-integral\/\" rel=\"bookmark\">MCP in LLM Apps: Overkill or Integral?<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Kevin Butler<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">May 20, 2025<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-30155 -->\r\n\r\n<article id=\"post-29895\" class=\"post-item clearfix post-29895 post type-post status-publish format-standard has-post-thumbnail category-ai category-opensearch category-relevancy category-search category-solr category-vector-search\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2024\/06\/23\/rag-question-answering-system-for-solr-and-opensearch\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2024\/06\/blog_rag-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_rag\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2024\/06\/23\/rag-question-answering-system-for-solr-and-opensearch\/\" rel=\"bookmark\">RAG Question Answering System for Solr and OpenSearch\u00a0<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Akul Sethi<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">June 23, 2024<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-29895 -->\r\n\r\n<article id=\"post-29639\" class=\"post-item clearfix post-29639 post type-post status-publish format-standard has-post-thumbnail category-lucene category-opensearch category-performance category-search\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2024\/05\/30\/duplicate-terms-aggregation-plug-in-for-opensearch\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2024\/05\/blog_opensearch-agg1200x900-min-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_opensearch-agg1200x900-min\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2024\/05\/30\/duplicate-terms-aggregation-plug-in-for-opensearch\/\" rel=\"bookmark\">Duplicate Terms Aggregation Plug-in for OpenSearch<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Abijit Rangesh<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">May 30, 2024<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-29639 -->\r\n\r\n<article id=\"post-28464\" class=\"post-item clearfix post-28464 post type-post status-publish format-standard has-post-thumbnail category-ai category-opensearch category-search category-vector-search\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2023\/03\/29\/building-vector-search-on-opensearch\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2024\/05\/blog_vectorSearch_1200x900-min-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_vectorSearch_1200x900-min\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2023\/03\/29\/building-vector-search-on-opensearch\/\" rel=\"bookmark\">Building A Vector Search Application on OpenSearch<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Jake Horban<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">March 29, 2023<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-28464 -->\r\n\r\n<article id=\"post-27467\" class=\"post-item clearfix post-27467 post type-post status-publish format-standard has-post-thumbnail category-search category-solr\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2022\/11\/17\/solrs-query-elevation-component-now-supports-filter-exclusions\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/11\/blog_QEC1200x900-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_QEC1200x900\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2022\/11\/17\/solrs-query-elevation-component-now-supports-filter-exclusions\/\" rel=\"bookmark\">Solr&#8217;s query elevation component now supports filter exclusions<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Rudi Seitz<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">November 17, 2022<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-27467 -->\r\n\r\n<article id=\"post-26659\" class=\"post-item clearfix post-26659 post type-post status-publish format-standard has-post-thumbnail category-search\">\r\n\t\t\t<div class=\"gem-compact-tiny-left\">\r\n\t\t\t<div class=\"gem-news-item-image\">\r\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2022\/09\/30\/the-kmw-search-audit\/\"><img loading=\"lazy\" width=\"144\" height=\"144\" src=\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/09\/blog_KMWSearchAudit1200x900-thegem-news-carousel.png\" class=\"img-responsive wp-post-image\" alt=\"blog_KMWSearchAudit1200x900\" \/><\/a>\r\n\t\t\t<\/div>\r\n\t\t<\/div>\r\n\t\r\n\t<div class=\"gem-compact-tiny-right\">\r\n\t\t<div class=\"gem-compact-item-content\">\r\n\t\t\t<div class=\"tiny-post-title gem-news-item-title text-body-tiny\"><a class=\"reverse-link-color \" href=\"https:\/\/kmwllc.com\/index.php\/2022\/09\/30\/the-kmw-search-audit\/\" rel=\"bookmark\">The KMW Search Audit<\/a><\/div>\t\t<\/div>\r\n\t\t<div class=\"post-meta\">\r\n\t\t\t<div class=\"entry-meta clearfix text-body-tiny\">\r\n\t\t\t\t<div class=\"post-meta-left gem-news-item-date\">\r\n\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-author tiny-post-author\">By Brian Nauheimer<\/span><br>\t\t\t\t\t<span\r\n\t\t\t\t\t\t\tclass=\"post-meta-date tiny-post-date\">September 30, 2022<\/span>\t\t\t\t<\/div>\r\n\t\t\t\t<div class=\"post-meta-right\">\r\n\t\t\t\t\t\t\t\t\t<\/div>\r\n\t\t\t<\/div><!-- .entry-meta -->\r\n\t\t<\/div>\r\n\r\n\t<\/div>\r\n<\/article><!-- #post-26659 -->\r\n\t\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div><\/div>\r\n\t\t<\/section>\r\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-8890d36 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"8890d36\" data-element_type=\"section\" data-e-type=\"section\">\r\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-no\"><div class=\"elementor-row\">\r\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-dabf496\" data-id=\"dabf496\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fb84fb3 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\" data-id=\"fb84fb3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"spacer.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-spacer\">\n\t\t\t<div class=\"elementor-spacer-inner\"><\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ae62ddf flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-global elementor-global-28083 elementor-widget-post-navigation\" data-id=\"ae62ddf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"post-navigation.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-post-navigation\" role=\"navigation\" aria-label=\"Post Navigation\">\n\t\t\t<div class=\"elementor-post-navigation__prev elementor-post-navigation__link\">\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2022\/07\/02\/search-engine-upgrade\/\" rel=\"prev\"><span class=\"elementor-post-navigation__link__prev\"><span class=\"post-navigation__prev--label\">Previous Post<\/span><span class=\"post-navigation__prev--title\">Search Engine Upgrade<\/span><\/span><\/a>\t\t\t<\/div>\n\t\t\t\t\t\t<div class=\"elementor-post-navigation__next elementor-post-navigation__link\">\n\t\t\t\t<a href=\"https:\/\/kmwllc.com\/index.php\/2022\/11\/17\/solrs-query-elevation-component-now-supports-filter-exclusions\/\" rel=\"next\"><span class=\"elementor-post-navigation__link__next\"><span class=\"post-navigation__next--label\">Next Post<\/span><span class=\"post-navigation__next--title\">Solr&#8217;s query elevation component now supports filter exclusions<\/span><\/span><\/a>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div><\/div>\r\n\t\t<\/section>\r\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>When it comes to analyzing Solr logs, Solr does have some out of the box tools. However, we\u2019ve found that those tools don\u2019t give a lot of options for creating rich visual analysis, and don&#8217;t offer a way to analyze logs in real time. So what do we do? We turn to another open-source platform: Elastic.<\/p>\n","protected":false},"author":9,"featured_media":29692,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[38,36,37],"tags":[],"class_list":{"0":"post-28075","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-elasticsearch","8":"category-search","9":"category-solr"},"aioseo_notices":[],"post_meta_fields":{"_wp_page_template":["default"],"_edit_lock":["1748877548:7"],"_last_editor_used_jetpack":["block-editor"],"_edit_last":["7"],"_customize_sidebars":["yes"],"thegem_post_general_item_data":["a:22:{s:20:\"post_layout_settings\";s:6:\"custom\";s:18:\"post_layout_source\";s:7:\"default\";s:21:\"post_builder_template\";s:1:\"0\";s:26:\"show_featured_posts_slider\";i:1;s:21:\"show_featured_content\";s:7:\"default\";s:10:\"video_type\";s:7:\"youtube\";s:5:\"video\";s:0:\"\";s:18:\"video_aspect_ratio\";s:0:\"\";s:10:\"quote_text\";s:0:\"\";s:12:\"quote_author\";s:0:\"\";s:16:\"quote_background\";s:0:\"\";s:18:\"quote_author_color\";s:0:\"\";s:5:\"audio\";s:0:\"\";s:7:\"gallery\";i:0;s:18:\"gallery_autoscroll\";i:0;s:9:\"highlight\";i:0;s:14:\"highlight_type\";s:7:\"squared\";s:15:\"highlight_style\";s:7:\"default\";s:31:\"highlight_title_left_background\";s:9:\"#00BCD4FF\";s:26:\"highlight_title_left_color\";s:9:\"#FFFFFFFF\";s:32:\"highlight_title_right_background\";s:9:\"#00BCD4FF\";s:27:\"highlight_title_right_color\";s:9:\"#FFFFFFFF\";}"],"thegem_show_featured_posts_slider":["1"],"thegem_post_page_elements_data":["a:12:{s:13:\"post_elements\";s:6:\"custom\";s:11:\"show_author\";i:0;s:16:\"blog_hide_author\";i:1;s:14:\"blog_hide_date\";i:1;s:26:\"blog_hide_date_in_blog_cat\";i:0;s:20:\"blog_hide_categories\";i:1;s:14:\"blog_hide_tags\";i:1;s:18:\"blog_hide_comments\";i:1;s:15:\"blog_hide_likes\";i:1;s:20:\"blog_hide_navigation\";i:1;s:17:\"blog_hide_socials\";i:1;s:17:\"blog_hide_realted\";i:0;}"],"thegem_popups_data":["a:2:{s:20:\"popups_layout_source\";s:7:\"default\";s:12:\"thegemPopups\";a:0:{}}"],"thegem_page_data":["a:189:{s:10:\"title_show\";s:7:\"default\";s:11:\"title_style\";s:1:\"2\";s:14:\"title_template\";s:5:\"27835\";s:23:\"title_use_page_settings\";i:1;s:12:\"title_xlarge\";i:0;s:18:\"title_rich_content\";i:0;s:13:\"title_content\";s:0:\"\";s:21:\"title_background_type\";s:5:\"color\";s:22:\"title_background_image\";s:0:\"\";s:29:\"title_background_image_repeat\";i:0;s:27:\"title_background_position_x\";s:6:\"center\";s:27:\"title_background_position_y\";s:3:\"top\";s:21:\"title_background_size\";s:5:\"cover\";s:28:\"title_background_image_color\";s:0:\"\";s:30:\"title_background_image_overlay\";s:0:\"\";s:30:\"title_background_gradient_type\";s:6:\"linear\";s:31:\"title_background_gradient_angle\";i:90;s:34:\"title_background_gradient_position\";s:13:\"center center\";s:38:\"title_background_gradient_point1_color\";s:9:\"#00BCD4BF\";s:41:\"title_background_gradient_point1_position\";i:0;s:38:\"title_background_gradient_point2_color\";s:9:\"#354093BF\";s:41:\"title_background_gradient_point2_position\";i:100;s:23:\"title_background_effect\";s:6:\"normal\";s:36:\"title_background_ken_burns_direction\";s:7:\"zoom_in\";s:43:\"title_background_ken_burns_transition_speed\";i:15000;s:37:\"title_background_video_play_on_mobile\";i:0;s:22:\"title_background_color\";s:7:\"#333144\";s:27:\"title_background_video_type\";s:0:\"\";s:22:\"title_background_video\";s:0:\"\";s:35:\"title_background_video_aspect_ratio\";s:0:\"\";s:36:\"title_background_video_overlay_color\";s:0:\"\";s:38:\"title_background_video_overlay_opacity\";s:0:\"\";s:29:\"title_background_video_poster\";s:0:\"\";s:19:\"title_menu_on_video\";s:0:\"\";s:16:\"title_text_color\";s:7:\"#ffffff\";s:24:\"title_excerpt_text_color\";s:7:\"#ffffff\";s:13:\"title_excerpt\";s:0:\"\";s:17:\"title_title_width\";i:0;s:19:\"title_excerpt_width\";i:0;s:22:\"title_font_preset_html\";s:0:\"\";s:23:\"title_font_preset_style\";s:0:\"\";s:24:\"title_font_preset_weight\";s:0:\"\";s:27:\"title_font_preset_transform\";s:0:\"\";s:30:\"title_excerpt_font_preset_html\";s:0:\"\";s:31:\"title_excerpt_font_preset_style\";s:0:\"\";s:32:\"title_excerpt_font_preset_weight\";s:0:\"\";s:35:\"title_excerpt_font_preset_transform\";s:0:\"\";s:17:\"title_padding_top\";i:80;s:24:\"title_padding_top_tablet\";i:80;s:24:\"title_padding_top_mobile\";i:80;s:20:\"title_padding_bottom\";i:80;s:27:\"title_padding_bottom_tablet\";i:80;s:27:\"title_padding_bottom_mobile\";i:80;s:18:\"title_padding_left\";i:0;s:25:\"title_padding_left_tablet\";i:0;s:25:\"title_padding_left_mobile\";i:0;s:19:\"title_padding_right\";i:0;s:26:\"title_padding_right_tablet\";i:0;s:26:\"title_padding_right_mobile\";i:0;s:16:\"title_top_margin\";s:0:\"\";s:23:\"title_top_margin_tablet\";i:0;s:23:\"title_top_margin_mobile\";i:0;s:24:\"title_excerpt_top_margin\";i:18;s:31:\"title_excerpt_top_margin_tablet\";i:18;s:31:\"title_excerpt_top_margin_mobile\";i:18;s:17:\"title_breadcrumbs\";i:1;s:15:\"title_alignment\";s:0:\"\";s:15:\"title_icon_pack\";s:7:\"elegant\";s:10:\"title_icon\";s:0:\"\";s:16:\"title_icon_color\";s:0:\"\";s:18:\"title_icon_color_2\";s:0:\"\";s:27:\"title_icon_background_color\";s:0:\"\";s:16:\"title_icon_shape\";s:6:\"circle\";s:23:\"title_icon_border_color\";s:0:\"\";s:15:\"title_icon_size\";s:5:\"large\";s:16:\"title_icon_style\";s:0:\"\";s:18:\"title_icon_opacity\";d:0;s:25:\"breadcrumbs_default_color\";s:0:\"\";s:24:\"breadcrumbs_active_color\";s:0:\"\";s:23:\"breadcrumbs_hover_color\";s:0:\"\";s:27:\"title_breadcrumbs_alignment\";s:6:\"center\";s:18:\"header_transparent\";i:0;s:14:\"header_opacity\";i:50;s:22:\"header_menu_logo_light\";i:0;s:20:\"header_hide_top_area\";s:7:\"default\";s:27:\"header_hide_top_area_tablet\";s:7:\"default\";s:27:\"header_hide_top_area_mobile\";s:7:\"default\";s:9:\"menu_show\";s:7:\"default\";s:12:\"menu_options\";s:7:\"default\";s:18:\"header_custom_menu\";i:0;s:27:\"header_top_area_transparent\";i:0;s:23:\"header_top_area_opacity\";i:50;s:16:\"top_area_options\";s:7:\"default\";s:13:\"header_source\";s:7:\"default\";s:14:\"header_builder\";s:1:\"0\";s:29:\"header_builder_sticky_desktop\";i:0;s:28:\"header_builder_sticky_mobile\";i:0;s:34:\"header_builder_sticky_hide_desktop\";i:0;s:33:\"header_builder_sticky_hide_mobile\";i:1;s:21:\"header_builder_sticky\";s:1:\"0\";s:29:\"header_builder_sticky_opacity\";i:80;s:26:\"header_builder_light_color\";s:7:\"#FFFFFF\";s:32:\"header_builder_light_color_hover\";s:7:\"#00bcd4\";s:20:\"main_background_type\";s:5:\"color\";s:21:\"main_background_color\";s:7:\"#ffffff\";s:21:\"main_background_image\";s:60:\"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/11\/Artboard-3.png\";s:28:\"main_background_image_repeat\";i:1;s:26:\"main_background_position_x\";s:4:\"left\";s:26:\"main_background_position_y\";s:3:\"top\";s:20:\"main_background_size\";s:4:\"auto\";s:27:\"main_background_image_color\";s:0:\"\";s:29:\"main_background_image_overlay\";s:0:\"\";s:29:\"main_background_gradient_type\";s:6:\"linear\";s:30:\"main_background_gradient_angle\";i:90;s:33:\"main_background_gradient_position\";s:0:\"\";s:37:\"main_background_gradient_point1_color\";s:9:\"#E9ECDAFF\";s:40:\"main_background_gradient_point1_position\";i:0;s:37:\"main_background_gradient_point2_color\";s:9:\"#D5F6FAFF\";s:40:\"main_background_gradient_point2_position\";i:100;s:23:\"main_background_pattern\";s:0:\"\";s:19:\"content_padding_top\";i:50;s:26:\"content_padding_top_tablet\";i:30;s:26:\"content_padding_top_mobile\";i:20;s:22:\"content_padding_bottom\";i:50;s:29:\"content_padding_bottom_tablet\";i:30;s:29:\"content_padding_bottom_mobile\";i:20;s:20:\"content_area_options\";s:6:\"custom\";s:18:\"footer_custom_show\";s:7:\"default\";s:13:\"footer_custom\";s:5:\"24822\";s:19:\"footer_hide_default\";s:7:\"default\";s:23:\"footer_hide_widget_area\";s:7:\"default\";s:16:\"effects_disabled\";i:0;s:17:\"effects_one_pager\";i:0;s:23:\"effects_parallax_footer\";i:0;s:24:\"effects_no_bottom_margin\";i:0;s:21:\"effects_no_top_margin\";i:0;s:19:\"redirect_to_subpage\";i:0;s:19:\"effects_hide_header\";s:7:\"default\";s:19:\"effects_hide_footer\";s:7:\"default\";s:21:\"effects_page_scroller\";i:0;s:28:\"effects_page_scroller_mobile\";i:0;s:26:\"effects_page_scroller_type\";s:8:\"advanced\";s:22:\"fullpage_disabled_dots\";i:0;s:19:\"fullpage_style_dots\";s:7:\"outline\";s:31:\"fullpage_disabled_tooltips_dots\";i:0;s:25:\"fullpage_fixed_background\";b:0;s:26:\"fullpage_enable_continuous\";i:0;s:24:\"fullpage_disabled_mobile\";i:0;s:22:\"fullpage_scroll_effect\";s:6:\"normal\";s:21:\"enable_page_preloader\";s:7:\"default\";s:14:\"slideshow_type\";s:0:\"\";s:19:\"slideshow_slideshow\";s:0:\"\";s:21:\"slideshow_layerslider\";s:0:\"\";s:19:\"slideshow_revslider\";s:0:\"\";s:19:\"slideshow_preloader\";i:0;s:12:\"sidebar_show\";s:7:\"default\";s:16:\"sidebar_position\";s:5:\"right\";s:14:\"sidebar_sticky\";i:0;s:24:\"product_header_separator\";i:0;s:23:\"page_layout_breadcrumbs\";s:7:\"default\";s:37:\"page_layout_breadcrumbs_default_color\";s:9:\"#99A9B5FF\";s:36:\"page_layout_breadcrumbs_active_color\";s:9:\"#3C3950FF\";s:35:\"page_layout_breadcrumbs_hover_color\";s:9:\"#3C3950FF\";s:33:\"page_layout_breadcrumbs_alignment\";s:4:\"left\";s:38:\"page_layout_breadcrumbs_bottom_spacing\";s:1:\"0\";s:37:\"page_layout_breadcrumbs_shop_category\";i:0;s:18:\"delay_js_execution\";i:0;s:13:\"disable_cache\";i:0;s:31:\"title_breadcrumbs_shop_category\";s:1:\"0\";s:20:\"title_padding_locked\";s:0:\"\";s:27:\"title_padding_tablet_locked\";s:0:\"\";s:27:\"title_padding_mobile_locked\";s:0:\"\";s:24:\"title_background_pattern\";s:0:\"\";s:30:\"title_background_video_overlay\";s:0:\"\";s:16:\"title_icon__pack\";s:0:\"\";s:21:\"title_icon_shape_show\";s:0:\"\";s:25:\"footer_widget_woocommerce\";s:1:\"1\";s:26:\"delay_js_execution_desktop\";s:1:\"0\";s:25:\"delay_js_execution_mobile\";s:1:\"0\";s:19:\"portfolio_item_data\";a:9:{s:8:\"back_url\";s:0:\"\";s:9:\"highlight\";s:0:\"\";s:14:\"highlight_type\";s:0:\"\";s:14:\"overview_title\";s:0:\"\";s:16:\"overview_summary\";s:0:\"\";s:12:\"project_link\";s:0:\"\";s:12:\"project_text\";s:0:\"\";s:9:\"fullwidth\";s:0:\"\";s:19:\"project_button_show\";s:0:\"\";}s:23:\"portfolio_elements_data\";a:7:{s:23:\"portfolio_page_elements\";s:7:\"default\";s:19:\"portfolio_hide_date\";s:0:\"\";s:19:\"portfolio_hide_sets\";s:0:\"\";s:20:\"portfolio_hide_likes\";s:0:\"\";s:22:\"portfolio_hide_socials\";s:0:\"\";s:29:\"portfolio_hide_top_navigation\";s:0:\"\";s:32:\"portfolio_hide_bottom_navigation\";s:0:\"\";}s:17:\"product_item_data\";a:109:{s:9:\"highlight\";s:0:\"\";s:14:\"highlight_type\";s:7:\"squared\";s:28:\"thegem_product_disable_hover\";s:1:\"0\";s:10:\"size_guide\";s:7:\"default\";s:16:\"size_guide_image\";s:0:\"\";s:23:\"product_layout_settings\";s:7:\"default\";s:21:\"product_layout_source\";s:7:\"default\";s:24:\"product_builder_template\";s:0:\"\";s:19:\"product_page_layout\";s:7:\"default\";s:25:\"product_page_layout_style\";s:15:\"horizontal_tabs\";s:28:\"product_page_layout_centered\";s:1:\"0\";s:39:\"product_page_layout_centered_top_margin\";s:2:\"42\";s:34:\"product_page_layout_centered_boxed\";s:1:\"0\";s:40:\"product_page_layout_centered_boxed_color\";s:0:\"\";s:29:\"product_page_layout_fullwidth\";s:1:\"0\";s:26:\"product_page_layout_sticky\";s:1:\"0\";s:33:\"product_page_layout_sticky_offset\";s:1:\"0\";s:28:\"product_page_skeleton_loader\";s:1:\"0\";s:30:\"product_page_layout_background\";s:0:\"\";s:30:\"product_page_layout_title_area\";s:8:\"disabled\";s:29:\"product_page_ajax_add_to_cart\";s:1:\"1\";s:31:\"product_page_desc_review_source\";s:17:\"extra_description\";s:31:\"product_page_desc_review_layout\";s:4:\"tabs\";s:42:\"product_page_desc_review_layout_tabs_style\";s:10:\"horizontal\";s:46:\"product_page_desc_review_layout_tabs_alignment\";s:4:\"left\";s:44:\"product_page_desc_review_layout_acc_position\";s:13:\"below_gallery\";s:65:\"product_page_desc_review_layout_one_by_one_description_background\";s:9:\"#F4F6F7FF\";s:69:\"product_page_desc_review_layout_one_by_one_additional_info_background\";s:9:\"#FFFFFFFF\";s:61:\"product_page_desc_review_layout_one_by_one_reviews_background\";s:9:\"#F4F6F7FF\";s:36:\"product_page_desc_review_description\";s:1:\"1\";s:42:\"product_page_desc_review_description_title\";s:11:\"Description\";s:40:\"product_page_desc_review_additional_info\";s:1:\"1\";s:46:\"product_page_desc_review_additional_info_title\";s:15:\"Additional Info\";s:32:\"product_page_desc_review_reviews\";s:1:\"1\";s:38:\"product_page_desc_review_reviews_title\";s:7:\"Reviews\";s:36:\"product_page_button_add_to_cart_text\";s:11:\"Add to Cart\";s:36:\"product_page_button_add_to_cart_icon\";s:4:\"f1e7\";s:41:\"product_page_button_add_to_cart_icon_pack\";s:8:\"material\";s:45:\"product_page_button_add_to_cart_icon_position\";s:4:\"left\";s:40:\"product_page_button_add_to_wishlist_icon\";s:4:\"f37b\";s:45:\"product_page_button_add_to_wishlist_icon_pack\";s:8:\"material\";s:42:\"product_page_button_added_to_wishlist_icon\";s:4:\"f377\";s:47:\"product_page_button_added_to_wishlist_icon_pack\";s:8:\"material\";s:41:\"product_page_button_clear_attributes_text\";s:15:\"Clear selection\";s:31:\"product_page_elements_prev_next\";s:1:\"1\";s:38:\"product_page_elements_preview_on_hover\";s:1:\"1\";s:34:\"product_page_elements_back_to_shop\";s:1:\"1\";s:39:\"product_page_elements_back_to_shop_link\";s:9:\"main_shop\";s:50:\"product_page_elements_back_to_shop_link_custom_url\";s:0:\"\";s:27:\"product_page_elements_title\";s:1:\"1\";s:32:\"product_page_elements_attributes\";s:1:\"0\";s:37:\"product_page_elements_attributes_data\";s:0:\"\";s:29:\"product_page_elements_reviews\";s:1:\"1\";s:34:\"product_page_elements_reviews_text\";s:16:\"customer reviews\";s:27:\"product_page_elements_price\";s:1:\"1\";s:41:\"product_page_elements_price_strikethrough\";s:1:\"1\";s:33:\"product_page_elements_description\";s:1:\"1\";s:34:\"product_page_elements_stock_amount\";s:1:\"1\";s:39:\"product_page_elements_stock_amount_text\";s:17:\"Products in stock\";s:32:\"product_page_elements_size_guide\";s:1:\"1\";s:25:\"product_page_elements_sku\";s:1:\"1\";s:31:\"product_page_elements_sku_title\";s:3:\"SKU\";s:32:\"product_page_elements_categories\";s:1:\"1\";s:38:\"product_page_elements_categories_title\";s:10:\"Categories\";s:26:\"product_page_elements_tags\";s:1:\"1\";s:32:\"product_page_elements_tags_title\";s:4:\"Tags\";s:27:\"product_page_elements_share\";s:1:\"1\";s:33:\"product_page_elements_share_title\";s:5:\"Share\";s:36:\"product_page_elements_share_facebook\";s:1:\"1\";s:35:\"product_page_elements_share_twitter\";s:1:\"1\";s:37:\"product_page_elements_share_pinterest\";s:1:\"1\";s:34:\"product_page_elements_share_tumblr\";s:1:\"1\";s:36:\"product_page_elements_share_linkedin\";s:1:\"1\";s:34:\"product_page_elements_share_reddit\";s:1:\"1\";s:28:\"product_page_elements_upsell\";s:1:\"1\";s:34:\"product_page_elements_upsell_title\";s:17:\"You may also like\";s:44:\"product_page_elements_upsell_title_alignment\";s:4:\"left\";s:34:\"product_page_elements_upsell_items\";s:2:\"-1\";s:44:\"product_page_elements_upsell_columns_desktop\";s:2:\"4x\";s:43:\"product_page_elements_upsell_columns_tablet\";s:2:\"3x\";s:43:\"product_page_elements_upsell_columns_mobile\";s:2:\"2x\";s:40:\"product_page_elements_upsell_columns_100\";s:1:\"5\";s:29:\"product_page_elements_related\";s:1:\"1\";s:35:\"product_page_elements_related_title\";s:16:\"Related Products\";s:45:\"product_page_elements_related_title_alignment\";s:4:\"left\";s:35:\"product_page_elements_related_items\";s:2:\"-1\";s:45:\"product_page_elements_related_columns_desktop\";s:2:\"4x\";s:44:\"product_page_elements_related_columns_tablet\";s:2:\"3x\";s:44:\"product_page_elements_related_columns_mobile\";s:2:\"2x\";s:41:\"product_page_elements_related_columns_100\";s:1:\"5\";s:15:\"product_gallery\";s:7:\"enabled\";s:20:\"product_gallery_type\";s:10:\"horizontal\";s:31:\"product_gallery_column_position\";s:4:\"left\";s:28:\"product_gallery_column_width\";s:2:\"50\";s:26:\"product_gallery_show_image\";s:5:\"hover\";s:20:\"product_gallery_zoom\";s:1:\"1\";s:24:\"product_gallery_lightbox\";s:1:\"1\";s:22:\"product_gallery_labels\";s:1:\"1\";s:26:\"product_gallery_label_sale\";s:1:\"1\";s:25:\"product_gallery_label_new\";s:1:\"1\";s:31:\"product_gallery_label_out_stock\";s:1:\"1\";s:27:\"product_gallery_auto_height\";s:1:\"1\";s:30:\"product_gallery_elements_color\";s:0:\"\";s:28:\"product_gallery_grid_columns\";s:2:\"1x\";s:25:\"product_gallery_grid_gaps\";s:2:\"42\";s:30:\"product_gallery_grid_gaps_hide\";s:1:\"0\";s:31:\"product_gallery_grid_top_margin\";s:1:\"0\";s:30:\"product_gallery_video_autoplay\";s:1:\"0\";s:15:\"size_guide_text\";s:10:\"Size guide\";}s:25:\"product_archive_item_data\";a:2:{s:29:\"product_archive_layout_source\";s:7:\"default\";s:32:\"product_archive_builder_template\";s:0:\"\";}s:22:\"blog_archive_item_data\";a:2:{s:26:\"blog_archive_layout_source\";s:7:\"default\";s:29:\"blog_archive_builder_template\";s:0:\"\";}s:24:\"options_current_contents\";N;s:16:\"options_modified\";N;s:34:\"options_outside_parameter_modified\";b:0;s:22:\"options_saved_contents\";N;s:8:\"settings\";a:3:{s:5:\"theme\";s:5:\"light\";s:24:\"background_image_gallery\";a:0:{}s:21:\"colorpicker_favorites\";a:1:{s:7:\"default\";a:0:{}}}}"],"_elementor_template_type":["wp-post"],"_elementor_version":["3.25.10"],"_elementor_pro_version":["3.22.1"],"_elementor_data":["[{\"id\":\"63301b1\",\"elType\":\"section\",\"settings\":{\"content_width\":{\"unit\":\"px\",\"size\":1260,\"sizes\":[]},\"gap\":\"no\",\"structure\":\"30\"},\"elements\":[{\"id\":\"a1bd42c\",\"elType\":\"column\",\"settings\":{\"_column_size\":33,\"_inline_size\":65,\"thegem_column_breakpoints_list\":[],\"space_between_widgets\":0,\"_inline_size_tablet\":100},\"elements\":[{\"id\":\"da35c3f\",\"elType\":\"widget\",\"settings\":{\"icon_list\":[{\"selected_icon\":{\"value\":\"fas fa-calendar\",\"library\":\"fa-solid\"},\"_id\":\"8e1b090\",\"custom_date_format\":\"F j, Y\",\"custom_time_format\":\"g:i a\",\"link\":\"\",\"show_icon\":\"none\"}],\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"05\",\"left\":\"0\",\"isLinked\":false},\"__globals__\":{\"text_color\":\"globals\\\/colors?id=primary\"}},\"elements\":[],\"widgetType\":\"post-info\"},{\"id\":\"395589d\",\"elType\":\"widget\",\"settings\":{\"title\":\"Add Your Heading Text Here\",\"header_size\":\"div\",\"thegem_heading_style\":\"styled-subtitle\",\"__dynamic__\":{\"title\":\"[elementor-tag id=\\\"8699bc2\\\" name=\\\"thegem-post-excerpt\\\" settings=\\\"%7B%7D\\\"]\"}},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"4592adc\",\"elType\":\"widget\",\"settings\":{\"source\":\"custom\",\"author_avatar\":{\"url\":\"https:\\\/\\\/kmwllccom.stage.site\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/Kira3-1.jpg\",\"id\":28575,\"alt\":\"\",\"source\":\"library\"},\"author_name\":\"Kira Traynor\",\"author_name_tag\":\"div\",\"author_bio\":\"Search Engineer at KMW Technology\",\"link_text\":\"All Posts\",\"image_vertical_align\":\"top\",\"image_border\":\"yes\",\"image_border_width\":{\"unit\":\"px\",\"size\":3,\"sizes\":[]},\"image_border_radius\":{\"unit\":\"px\",\"size\":100,\"sizes\":[]},\"name_gap\":{\"unit\":\"px\",\"size\":0,\"sizes\":[]},\"__globals__\":{\"image_border_color\":\"globals\\\/colors?id=428f277\",\"bio_color\":\"globals\\\/colors?id=secondary\"},\"_padding\":{\"unit\":\"em\",\"top\":\"2\",\"right\":\"2\",\"bottom\":\"2\",\"left\":\"2\",\"isLinked\":true},\"_padding_tablet\":{\"unit\":\"em\",\"top\":\"\",\"right\":\"\",\"bottom\":\"\",\"left\":\"\",\"isLinked\":true},\"_padding_mobile\":{\"unit\":\"em\",\"top\":\"\",\"right\":\"\",\"bottom\":\"\",\"left\":\"\",\"isLinked\":true}},\"elements\":[],\"widgetType\":\"author-box\"},{\"id\":\"9068a13\",\"elType\":\"widget\",\"settings\":{\"text\":\"Divider\",\"weight\":{\"unit\":\"px\",\"size\":3,\"sizes\":[]},\"gap\":{\"unit\":\"px\",\"size\":0,\"sizes\":[]},\"__globals__\":{\"color\":\"globals\\\/colors?id=428f277\"}},\"elements\":[],\"widgetType\":\"divider\"},{\"id\":\"f22d0cd\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"3aea284\",\"elType\":\"widget\",\"settings\":{\"title\":\"Introduction\",\"size\":\"large\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"a3ad63f\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Have you ever needed to find out more about what's going on with your Solr deployment?\\u00a0 The Solr Admin UI is great at communicating the overall health of the cluster, how the cores are doing and validating configuration. But sometimes you need to go a bit deeper to understand:<\\\/span><\\\/p><ul><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">What's my query latency?<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">How long are commits taking?<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Is Solr throwing any errors?<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">What queries are returning zero results?<\\\/span><\\\/li><\\\/ul><p><span style=\\\"font-weight: 400;\\\">When we need to know more, we need to look at the logs.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">The ability to analyze log files is foundational to monitoring the success of your Solr cloud deployment. Log files consist of <\\\/span><i><span style=\\\"font-weight: 400;\\\">events<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\"> that are logged with a date, timestamp, event level (warning, error, info, etc.) and event detail. The information contained in the logs give you insight into what is happening within your system.\\u00a0<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">At KMW Technology, we focus on utilizing open-source software in our search solutions in order to support and contribute to community-driven development. As such, we have a lot of expertise in working with Solr. When it comes to analyzing Solr logs, Solr does have some out of the box tools. However, we\\u2019ve found that those tools don\\u2019t give a lot of options for creating rich visual analysis. We\\u2019ve also found there\\u2019s no great way to analyze logs in real time. So what do we do? We turn to another open-source platform: Elastic. Using Elastic\\u2019s ELK stack, we can ingest Solr log files and leverage tools like Kibana to query and visualize what\\u2019s happening in Solr.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">In this post, we\\u2019ll go over how to use Elasticsearch and its tools within the ELK stack to query, analyze and visualize your Solr logs. It's easier than you might think!<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"f2e09fa\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"456081b\",\"elType\":\"widget\",\"settings\":{\"title\":\"The ELK Stack\",\"size\":\"large\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"ceac66d\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">The four components of the <a href=\\\"https:\\\/\\\/www.elastic.co\\\/what-is\\\/elk-stack\\\">ELK stack<\\\/a> are: <\\\/span><b>E<\\\/b><span style=\\\"font-weight: 400;\\\">lasticsearch<\\\/span><b>, L<\\\/b><span style=\\\"font-weight: 400;\\\">ogstash, <\\\/span><b>K<\\\/b><span style=\\\"font-weight: 400;\\\">ibana, and Beats. The process begins with Beats, a platform with multiple different data shippers. Filebeat is one of these data shippers, and setting up Filebeat is the first step to ingesting your logs. Once Filebeat is hooked into your Solr logs, your log data can then be shipped to Logstash which will ingest the logs. When Logstash ingests and parses the log data, create an index in Elasticsearch and add the logs to this index. Once Elasticsearch has all the data, you can use Kibana to query your log data and create visualizations that aid in your analysis.<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"bb09f3e\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"100498f\",\"elType\":\"widget\",\"settings\":{\"image\":{\"url\":\"https:\\\/\\\/kmwllccom.stage.site\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis.png\",\"id\":28330,\"alt\":\"\",\"source\":\"library\"},\"align\":\"center\"},\"elements\":[],\"widgetType\":\"image\"},{\"id\":\"35098e5\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"542d17f\",\"elType\":\"widget\",\"settings\":{\"title\":\"\\nThe Process\",\"size\":\"large\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"72e5dea\",\"elType\":\"widget\",\"settings\":{\"title\":\"Installing & Configuring ELK\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"e5c7c12\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>Install the following products:<\\\/p><ul><li aria-level=\\\"1\\\"><a href=\\\"https:\\\/\\\/www.elastic.co\\\/downloads\\\/past-releases#elasticsearch\\\">Elasticsearch<\\\/a><\\\/li><li aria-level=\\\"1\\\"><a href=\\\"https:\\\/\\\/www.elastic.co\\\/downloads\\\/past-releases#logstash\\\">Logstash<\\\/a><\\\/li><li aria-level=\\\"1\\\"><a href=\\\"https:\\\/\\\/www.elastic.co\\\/downloads\\\/past-releases#kibana\\\">Kibana<\\\/a><\\\/li><li aria-level=\\\"1\\\"><a href=\\\"https:\\\/\\\/www.elastic.co\\\/downloads\\\/past-releases#filebeat\\\">Filebeat<\\\/a><\\\/li><\\\/ul><p>Ensure that each of the downloaded products are compatible with each other, i.e. all have the version 8.4.2. You can find the compatibility matrix\\u00a0<a href=\\\"https:\\\/\\\/www.elastic.co\\\/support\\\/matrix#matrix_compatibility\\\">here.<\\\/a><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"9ca01a5\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"7de389b\",\"elType\":\"widget\",\"settings\":{\"title\":\"Pointing Filebeat at Your Logs\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"f271694\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Filebeat\\u2019s role will be to monitor the files that are in a defined input location and send them to a defined output location. In this case, the input will be the path to your Solr logs and the output will be Logstash.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">You can choose to either actively monitor your logs in real time or ingest a saved set of logs that came from a certain time period. In either scenario, the Filebeat setup will be the same. However, if you are not monitoring your logs in real time Filebeat only has to run once and can be terminated when it has finished. Otherwise, Filebeat should be left running so that it can continue to send log updates in real time.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">Within the downloaded Filebeat package, find <\\\/span><b>filebeat.yml<\\\/b><span style=\\\"font-weight: 400;\\\">.<\\\/span><\\\/p><ol><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Add the path(s) to your Solr logs under the<\\\/span><b> filebeat.inputs<\\\/b><span style=\\\"font-weight: 400;\\\"> section and set enabled to true. You can use <\\\/span><b>glob<\\\/b><span style=\\\"font-weight: 400;\\\"> to match multiple logs.<\\\/span><\\\/li><\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"0b2677c\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"filebeat.inputs:\\r\\n- type: log\\r\\n  # Change to true to enable this input configuration.\\r\\n  enabled: true\\r\\n  # Paths that should be crawled and fetched. Glob based paths.\\r\\n  paths:\\r\\n    - \\\/Downloads\\\/Logs\\\/SolrLogs\\\/solr.log*\",\"line_numbers\":\"\",\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"40\",\"isLinked\":false}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"314511e\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<ol start=\\\"2\\\">\\n \\t<li aria-level=\\\"1\\\">Under the Kibana section, make sure that the Kibana host is set to your specific Kibana host. You do not need to set anything for the Elasticsearch output.<\\\/li>\\n<\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"1aa4cac\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"setup.kibana:\\r\\n  # Kibana Host\\r\\n  host: \\\"localhost:5601\\\"\",\"line_numbers\":\"\",\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"40\",\"isLinked\":false}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"44a2ef7\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<ol start=\\\"3\\\">\\n \\t<li aria-level=\\\"1\\\">Since we want to connect it to Logstash, set the output accordingly. Make sure output.elasticsearch is not set to anything and output.logstash is set:<\\\/li>\\n<\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"8c7ff30\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"output.logstash:\\r\\n  # The Logstash hosts\\r\\n  hosts: [\\\"0.0.0.0:5044\\\"]\",\"line_numbers\":\"\",\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"40\",\"isLinked\":false}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"3401e9e\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><i>Note<\\\/i>: there are other sections of Filebeat that can be configured, but for this example we are leaving these sections set according to the values that are pre-loaded when you first install Filebeat.<\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"917cb9e\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"ee56829\",\"elType\":\"widget\",\"settings\":{\"title\":\"Configuring Logstash\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"f6101ca\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Logstash is an ETL tool that requires some initial configuration. It is the pipeline that takes files from Filebeat, ingests and transforms the data so that it can be indexed, and sends it to Elasticsearch to be made searchable.\\u00a0<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">Logstash has to be configured accordingly to ensure that the data that is in your logs is captured and made searchable as fits your needs. This means identifying what content from the Solr log files is important to retain and what might not be necessary. In the below example, we will walk through what we consider a basic Logstash configuration for Solr log ingestion\\u2013 but be aware that your use case might be different.<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"5db1562\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"147f8dc\",\"elType\":\"widget\",\"settings\":{\"title\":\"Setting up the Pipeline\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"4250d4e\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">The first step is to set up the pipeline for Logstash. As you\\u2019ll see below, you will use Grok to match and filter the content in the logs. Grok is similar to regular expression in that it is a search pattern that can be matched to text. This will allow you to set values to fields. Some documentation and examples of Grok statements from Elasticsearch can be found <\\\/span><a href=\\\"https:\\\/\\\/www.elastic.co\\\/guide\\\/en\\\/elasticsearch\\\/reference\\\/current\\\/grok-processor.html\\\"><span style=\\\"font-weight: 400;\\\">here<\\\/span><\\\/a><span style=\\\"font-weight: 400;\\\">.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">Within the installed Logstash package, locate the <\\\/span><b>conf\\\/logstash-sample.conf<\\\/b><span style=\\\"font-weight: 400;\\\"> file. There should be an inputs and an outputs section.<\\\/span><\\\/p><ol><li><span style=\\\"font-weight: 400;\\\"><strong>Add a filter section after the inputs<\\\/strong>. This will be where you can create Grok statements to filter and match the data that you want from your logs. The following code matches the <\\\/span><i><span style=\\\"font-weight: 400;\\\">time<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\"> and<\\\/span><i><span style=\\\"font-weight: 400;\\\"> log level<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\"> from Solr logs and sets those values to the LogTime and level fields.<\\\/span><span style=\\\"font-weight: 400;\\\"> Use the Grok debugger from Kibana to check if the Grok statements are matching the correct data.<br \\\/><\\\/span><br \\\/>\\u00a0Additionally, you can add Grok that looks like the example below, which will match the basic log configuration for Solr logs. Keep in mind you can also match error level logs and garbage collection logs.<\\\/li><\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"cde19d4\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\" if \\\"INFO\\\" in [level] {\\r\\n   grok {\\r\\n     match => [\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{DATA:params}\\\\} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\\\",\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{DATA:params}\\\\} hits=%{NUMBER:hits_i} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\\\",\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{GREEDYDATA:params}\\\\} %{NUMBER:status_i} %{NUMBER:qtime_i}\\\"\\r\\n     ]\\r\\n     tag_on_failure => []\\r\\n   }\\r\\n   if [params] {\\r\\n     kv {\\r\\n       field_split_pattern => \\\"&|}{\\\"\\r\\n       source => \\\"params\\\"\\r\\n     }\\r\\n} \",\"line_numbers\":\"\",\"word_wrap\":\"word-wrap\",\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"40\",\"isLinked\":false},\"height\":{\"unit\":\"px\",\"size\":150,\"sizes\":[]}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"4f8ad79\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<ol start=\\\"2\\\"><li><strong>Configure the output.<\\\/strong><ol><li><span style=\\\"font-weight: 400;\\\">Set Elasticsearch host to <code>\\\"https:\\\/\\\/localhost:9200\\\"<\\\/code><span style=\\\"font-weight: 400;\\\">\\\"<\\\/span><\\\/span><\\\/li><li><span style=\\\"font-weight: 400;\\\">Set the template to the path. We will set up the template (mapping) after this.\\u00a0<\\\/span><\\\/li><li><span style=\\\"font-weight: 400;\\\">Set index name<\\\/span><\\\/li><li><span style=\\\"font-weight: 400;\\\"><span style=\\\"font-weight: 400;\\\">Set the user and password from your elasticsearch or ssl_certificate_verification<\\\/span><\\\/span><\\\/li><\\\/ol><\\\/li><\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"977f807\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"9c668ea\",\"elType\":\"widget\",\"settings\":{\"title\":\"Defining the Mappings (Index Template)\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"644104c\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Since you\\u2019re familiar with Solr, you know that a collection <\\\/span><i><span style=\\\"font-weight: 400;\\\">schema<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\"> declares the fields and corresponding data types per field. In Elasticsearch, a schema is referred to as a <\\\/span><i><span style=\\\"font-weight: 400;\\\">mapping<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\">, and the mapping is applied to a specific <\\\/span><i><span style=\\\"font-weight: 400;\\\">index<\\\/span><\\\/i><span style=\\\"font-weight: 400;\\\">. A Logstash index template is needed in order to define the mappings that Elasticsearch will use to create an index of your Solr log files.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">Keep in mind that index templates are only applied at index creation or during a re-index.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">If you don\\u2019t specify mappings for each of the fields that you are matching from the Grok statements, Elasticsearch will still ingest the logs and assume a type for each field. This can be problematic if Elasticsearch assumes the wrong field type. For example, if a field with an integer type is ingested as a string type you will not be able to represent it in the correct way in a Kibana graph using minimums, maximums, averages or other mathematical operations.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">To start making a template, create a JSON file using the example template below. The name and path has to be whatever you set your template to in the pipeline above. There are two main components to the index template.<\\\/span><\\\/p><ol><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Include your <code>index_patterns<\\\/code><\\\/span><span style=\\\"font-weight: 400;\\\">\\u00a0to match the indices you want.<\\\/span><\\\/li><li><span style=\\\"font-weight: 400;\\\"><span style=\\\"font-weight: 400;\\\">Include the <code>mappings<\\\/code> map. This part includes the mapping of the fields to their data type. Since you already set up your pipeline in the section above, you know what fields you are matching from the logs. For each of the fields, determine what data type they should be. For example, if you are matching query time values in your log and you called the field <code>qtime_i<\\\/code> because it is an integer value, you should add this to your mappings. From Elasticsearch\\u2019s documentation, <a href=\\\"https:\\\/\\\/www.elastic.co\\\/guide\\\/en\\\/elasticsearch\\\/reference\\\/8.4\\\/mapping-types.html\\\">here<\\\/a> are all the different types that you can include in your mapping. Each field can only have one data type.<\\\/span><\\\/span><\\\/li><\\\/ol>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"2e5d380\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"\\\"qtime_i\\\":{\\r\\n    \\\"type\\\": \\\"integer\\\",\\r\\n    \\\"fields\\\":{\\r\\n        \\\"keyword\\\":{\\r\\n            \\\"type\\\": \\\"keyword\\\", \\r\\n            \\\"ignore_above\\\": 256\\r\\n        }\\r\\n    }\\r\\n}\",\"line_numbers\":\"\",\"_margin\":{\"unit\":\"px\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"40\",\"isLinked\":false},\"height\":{\"unit\":\"px\",\"size\":150,\"sizes\":[]}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"74af05d\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>\\u00a0<\\\/p><p><span style=\\\"font-weight: 400;\\\">The whole template will look something like what is below.<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"08389d6\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"{\\r\\n \\\"template\\\": \\\"solr-logs-template\\\",\\r\\n \\\"index_patterns\\\": [\\\"solr-logs*\\\"],\\r\\n \\\"mappings\\\" : {\\r\\n   \\\"properties\\\" : {\\r\\n     \\\"@timestamp\\\" : {\\r\\n       \\\"type\\\" : \\\"date\\\"\\r\\n     },\\r\\n     \\\"@version\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"LogTime\\\" : {\\r\\n       \\\"type\\\" : \\\"date\\\",\\r\\n       \\\"format\\\" : \\\"yy-MM-dd HH:mm:ss.SSS\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"agent\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"ephemeral_id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"hostname\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"type\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"version\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"commit\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"core_node_name_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"ecs\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"version\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"file\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"fl\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"hits_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"host\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"architecture\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"hostname\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"name\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"os\\\" : {\\r\\n           \\\"properties\\\" : {\\r\\n             \\\"build\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"family\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"kernel\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"name\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"platform\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"version\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"input\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"type\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"level\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"log\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"file\\\" : {\\r\\n           \\\"properties\\\" : {\\r\\n             \\\"path\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"flags\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"offset\\\" : {\\r\\n           \\\"type\\\" : \\\"long\\\"\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"message\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"params\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"path_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"q\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"qt\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"qtime_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"rows\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"status_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"tags\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"version\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"webapp_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"threads_stopped_for_seconds_i\\\" : {\\r\\n       \\\"type\\\" : \\\"float\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"wt\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     }\\r\\n   }\\r\\n }\\r\\n}\\r\\n\\r\\n\",\"line_numbers\":\"\",\"word_wrap\":\"word-wrap\",\"height\":{\"unit\":\"px\",\"size\":200,\"sizes\":[]}},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"7073332\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"1ded788\",\"elType\":\"widget\",\"settings\":{\"title\":\"Running ELK\",\"size\":\"large\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"80c5e2f\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Now that setup has been completed, you\\u2019re ready to run all four parts: Elasticsearch, Kibana, Logstash, Filebeat.<\\\/span><\\\/p><ul><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Run Elasticsearch.\\u00a0 From the Elasticsearch package run <code>[.\\\/bin\\\/elasticsearch]<\\\/code>. Elasticsearch will be found at <code>[https:\\\/\\\/localhost:9200]<\\\/code><\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Running Kibana may be useful during the configuration of Logstash for the Grok debugger. Be aware that you need to have Elasticsearch running in order to run Kibana. From the Kibana package run <code>[.\\\/bin\\\/kibana]<\\\/code>. Kibana will be found at <code>[http:\\\/\\\/localhost:5601].<\\\/code>This is where you will be doing the data querying and visualization.<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Run Logstash to create the index. From the Logstash package run <code>[.\\\/bin\\\/logstash -f logstash.conf]<\\\/code> where <code>logstash.conf<\\\/code> is the configuration file we created above.<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Run Filebeat to monitor the logs and send to Logstash. From the Filebeat package run <code>[.\\\/filebeat -e]<\\\/code>.\\u00a0<\\\/span><\\\/li><\\\/ul><p><span style=\\\"font-weight: 400;\\\">Filebeat and Logstash only need to run once unless you are monitoring logs in real time.<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"f34f842\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"3ac9557\",\"elType\":\"widget\",\"settings\":{\"title\":\"Querying and Visualizing\",\"size\":\"large\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"aff954b\",\"elType\":\"widget\",\"settings\":{\"title\":\"Goals for Analyzing Logs\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"6ef0192\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Depending on the use case, you can focus on different things when querying and visualizing logs. Some questions can be answered by querying Kibana, while in other circumstances setting up a visualization is more helpful. Since you are already interested in log analysis you probably have some specific metrics in mind, but some common analysis goals include:<\\\/span><\\\/p><ul><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Seeing how long garbage collection takes<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Knowing how many searches have been run over a given time (per minute\\\/hour\\\/week)?<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Identifying the queries that take the longest time to execute<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Identifying most common queries issued to a collection<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Visualizing spikes in query traffic\\u00a0<\\\/span><\\\/li><li style=\\\"font-weight: 400;\\\" aria-level=\\\"1\\\"><span style=\\\"font-weight: 400;\\\">Seeing how often commits are occurring<\\\/span><\\\/li><\\\/ul>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"133a476\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"ec0e076\",\"elType\":\"widget\",\"settings\":{\"title\":\"Example Queries against Elasticsearch Index\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"07893d8\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Querying against your newly created index is simple with Kibana. Go to the menu on the top left and scroll all the way down to Management\\\/Dev Tools. From here you can create queries in the Console and test your Grok statements in the Grok Debugger. For help understanding the specific query syntax, here is some <\\\/span><a href=\\\"https:\\\/\\\/www.elastic.co\\\/guide\\\/en\\\/elasticsearch\\\/reference\\\/current\\\/query-dsl.html\\\"><span style=\\\"font-weight: 400;\\\">documentation<\\\/span><\\\/a><span style=\\\"font-weight: 400;\\\">.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">There are some simple queries that you can use to start off with:<\\\/span><\\\/p><p><em>To get all the indices so you can ensure the index was created:\\u00a0<\\\/em><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"de6ee2a\",\"elType\":\"widget\",\"settings\":{\"language\":\"sql\",\"code\":\"GET _cat\\\/indices\",\"line_numbers\":\"\"},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"76b7eda\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>\\u00a0<\\\/p><p><em><span style=\\\"font-weight: 400;\\\">To get all information from one index:\\u00a0 <\\\/span><\\\/em><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"7816561\",\"elType\":\"widget\",\"settings\":{\"line_numbers\":\"\",\"language\":\"\",\"code\":\"GET \\\/<index-name>\\\/_search \\n{\\n  \\\"query\\\": {\\n    \\\"match_all\\\": {}\\n  }\\n}\"},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"9326ac5\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>\\u00a0<\\\/p><p><em>Finding the longest-running search:<\\\/em><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"c2d2c03\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"GET \\\/<index-name>\\\/_search \\r\\n{\\r\\n  \\\"query\\\": {\\r\\n    \\\"bool\\\": {\\r\\n      \\\"must\\\": [\\r\\n        {\\r\\n          \\\"term\\\": {\\r\\n            \\\"path_s.keyword\\\": {\\r\\n              \\\"value\\\": \\\"\\\/select\\\"\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      ]\\r\\n    }\\r\\n  },\\r\\n  \\\"aggs\\\": {\\r\\n    \\\"doc_with_max_qTime\\\": {\\r\\n      \\\"top_hits\\\": {\\r\\n        \\\"sort\\\": [\\r\\n          {\\r\\n            \\\"qtime_i\\\": {\\r\\n              \\\"order\\\": \\\"desc\\\"\\r\\n            }\\r\\n          }\\r\\n        ],\\r\\n        \\\"size\\\": 1\\r\\n      }\\r\\n    }\\r\\n  },\\r\\n  \\\"size\\\": 0\\r\\n}\",\"line_numbers\":\"\"},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"9a5e552\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>\\u00a0<\\\/p><p><em>Finding the most common query:<\\\/em><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"4422572\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"GET \\\/<index-name>\\\/_search \\r\\n{\\r\\n  \\\"aggs\\\": {\\r\\n    \\\"frequent_query\\\": {\\r\\n      \\\"terms\\\": {\\r\\n        \\\"field\\\": \\\"q.keyword\\\"\\r\\n      }\\r\\n    }\\r\\n  },\\r\\n  \\\"size\\\": 0\\r\\n}\",\"line_numbers\":\"\"},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"b8ff8c5\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p>\\u00a0<\\\/p><p><em><span style=\\\"font-weight: 400;\\\">Finding percentiles (aggregating on query time):<\\\/span><\\\/em><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"6ca9ee1\",\"elType\":\"widget\",\"settings\":{\"language\":\"\",\"code\":\"GET \\\/<index-name>\\\/_search \\n{\\n  \\\"aggs\\\": {\\n    \\\"qTime_percentiles\\\": {\\n      \\\"percentiles\\\": {\\n        \\\"field\\\": \\\"qtime_i\\\",\\n        \\\"percents\\\": [\\n          90,\\n          95,\\n          99\\n        ]\\n      }\\n    }\\n  },\\n  \\\"size\\\": 0\\n}\",\"line_numbers\":\"\"},\"elements\":[],\"widgetType\":\"code-highlight\"},{\"id\":\"04fc183\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"df5deda\",\"elType\":\"widget\",\"settings\":{\"title\":\"Example Visualizations with Kibana\",\"size\":\"medium\",\"header_size\":\"h3\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"4950ffb\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">Once you understand the data that you are looking at, you can create a dashboard with visualizations. Create a visualization by navigating to Analytics -&gt; Discover or Analytics&nbsp; -&gt; Dashboard if you already know what you\\u2019d like to make up a dashboard. <\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">The ability to create visualizations with Kibana is one of our favorite reasons to look at Solr logs using Elastic stack. It is easy to create dashboards that convey a lot of information in an easily digestible manner. While it is possible to use grep commands in a console to see commits per collection, you can see in this example that a visualization is a lot easier to understand than the results you would get from grep.<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"},{\"id\":\"c506698\",\"elType\":\"widget\",\"settings\":{\"image\":{\"url\":\"https:\\\/\\\/kmwllccom.stage.site\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample.png\",\"id\":28412,\"alt\":\"\",\"source\":\"library\"}},\"elements\":[],\"widgetType\":\"image\"},{\"id\":\"c4507d3\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"49d5daa\",\"elType\":\"widget\",\"settings\":{\"title\":\"Conclusion\",\"size\":\"large\",\"header_size\":\"h1\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"f6ac032\",\"elType\":\"widget\",\"settings\":{\"editor\":\"<p><span style=\\\"font-weight: 400;\\\">While there is a bit of up-front work required with this approach, the payoff is having a great way to look at your Solr logs both in real time or as needed. Let us know what type of questions you hope to answer when looking at your Solr logs, and if you have other approaches that you prefer.<\\\/span><\\\/p><p><span style=\\\"font-weight: 400;\\\">If you\\u2019re experiencing issues with your Solr (or Elasticsearch, or Opensearch) cluster or need help interpreting your logs, please contact us!\\u00a0<\\\/span><\\\/p>\"},\"elements\":[],\"widgetType\":\"text-editor\"}],\"isInner\":false},{\"id\":\"192510c\",\"elType\":\"column\",\"settings\":{\"_column_size\":33,\"_inline_size\":9.332,\"thegem_column_breakpoints_list\":[],\"hide_tablet\":\"hidden-tablet\",\"hide_mobile\":\"hidden-mobile\"},\"elements\":[],\"isInner\":false},{\"id\":\"1f6e963\",\"elType\":\"column\",\"settings\":{\"_column_size\":33,\"_inline_size\":25,\"margin\":{\"unit\":\"%\",\"top\":\"0\",\"right\":\"0\",\"bottom\":\"0\",\"left\":\"0\",\"isLinked\":false},\"thegem_column_breakpoints_list\":[],\"margin_tablet\":{\"unit\":\"%\",\"top\":\"\",\"right\":\"\",\"bottom\":\"\",\"left\":\"\",\"isLinked\":true},\"margin_mobile\":{\"unit\":\"%\",\"top\":\"\",\"right\":\"\",\"bottom\":\"\",\"left\":\"\",\"isLinked\":true},\"content_position\":\"top\",\"_inline_size_tablet\":100},\"elements\":[{\"id\":\"421c760\",\"elType\":\"widget\",\"settings\":{\"title\":\"Share post\",\"header_size\":\"div\",\"thegem_heading_style\":\"title-h6\",\"size\":\"small\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"d970719\",\"elType\":\"widget\",\"settings\":{\"pinterest\":\"\",\"tumblr\":\"\",\"telegram\":\"\",\"whatsapp\":\"\",\"viber\":\"\",\"xing\":\"\",\"__globals__\":{\"icons_color\":\"globals\\\/colors?id=428f277\"}},\"elements\":[],\"widgetType\":\"thegem-social-sharing\"},{\"id\":\"e841371\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"e2adb0d\",\"elType\":\"widget\",\"settings\":{\"title\":\"More From the KMW Blog\",\"header_size\":\"div\",\"thegem_heading_style\":\"title-h6\",\"size\":\"small\"},\"elements\":[],\"widgetType\":\"heading\"},{\"id\":\"2c3c63f\",\"elType\":\"widget\",\"settings\":{\"thegem_elementor_preset\":\"compact-tiny-2\",\"source\":[\"posts\"],\"exclude_blog_posts\":[\"28075\"],\"show_separator\":\"\",\"show_comments\":\"\",\"readmore_button_text\":\"Read More\",\"loadmore_button_text\":\"Load More\",\"caption_categories_in_text\":\"in \",\"caption_author_by_text\":\"By\",\"related_by\":[],\"source_type\":\"custom\",\"pagination_type\":\"numbers\"},\"elements\":[],\"widgetType\":\"thegem-bloglist\"}],\"isInner\":false}],\"isInner\":false},{\"id\":\"8890d36\",\"elType\":\"section\",\"settings\":{\"content_width\":{\"unit\":\"px\",\"size\":1260,\"sizes\":[]},\"gap\":\"no\"},\"elements\":[{\"id\":\"dabf496\",\"elType\":\"column\",\"settings\":{\"_column_size\":100,\"_inline_size\":null,\"thegem_column_breakpoints_list\":[],\"space_between_widgets\":0},\"elements\":[{\"id\":\"fb84fb3\",\"elType\":\"widget\",\"settings\":[],\"elements\":[],\"widgetType\":\"spacer\"},{\"id\":\"ae62ddf\",\"elType\":\"widget\",\"settings\":{\"prev_label\":\"Previous Post\",\"next_label\":\"Next Post\",\"show_borders\":\"\",\"title_typography_typography\":\"custom\",\"title_typography_font_size\":{\"unit\":\"px\",\"size\":14,\"sizes\":[]},\"title_typography_font_weight\":\"700\",\"__globals__\":{\"arrow_color\":\"globals\\\/colors?id=primary\",\"label_color\":\"globals\\\/colors?id=secondary\"},\"arrow\":\"fa fa-caret-left\",\"show_arrow\":\"\"},\"elements\":[],\"widgetType\":\"global\",\"templateID\":28083}],\"isInner\":false}],\"isInner\":false}]"],"_zilla_likes":["0"],"_elementor_edit_mode":["builder"],"_thumbnail_id":["29692"],"_yoast_wpseo_content_score":["30"],"_yoast_wpseo_estimated-reading-time-minutes":["12"],"_yoast_wpseo_primary_category":["36"],"_yoast_wpseo_focuskw":["Solr log analysis elastic"],"_yoast_wpseo_metadesc":["In this post, we\u2019ll go over how to use Elasticsearch and its tools within the ELK stack to query, analyze and visualize your Solr logs."],"_yoast_wpseo_linkdex":["53"],"_yoast_wpseo_canonical":["https:\/\/kmwllc.com\/index.php\/2022\/12\/17\/ingesting-solr-logs-with-the-elk-stack\/"],"_yoast_wpseo_wordproof_timestamp":[""],"_elementor_controls_usage":["a:13:{s:9:\"post-info\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:0;s:8:\"controls\";a:2:{s:7:\"content\";a:1:{s:12:\"section_icon\";a:1:{s:9:\"icon_list\";i:1;}}s:8:\"advanced\";a:1:{s:14:\"_section_style\";a:1:{s:7:\"_margin\";i:1;}}}}s:7:\"heading\";a:3:{s:5:\"count\";i:17;s:15:\"control_percent\";i:1;s:8:\"controls\";a:2:{s:7:\"general\";a:1:{s:11:\"__dynamic__\";a:1:{s:5:\"count\";i:1;}}s:7:\"content\";a:1:{s:13:\"section_title\";a:4:{s:5:\"title\";i:17;s:11:\"header_size\";i:12;s:20:\"thegem_heading_style\";i:3;s:4:\"size\";i:16;}}}}s:10:\"author-box\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:3;s:8:\"controls\";a:3:{s:7:\"content\";a:1:{s:19:\"section_author_info\";a:5:{s:6:\"source\";i:1;s:13:\"author_avatar\";i:1;s:11:\"author_name\";i:1;s:15:\"author_name_tag\";i:1;s:10:\"author_bio\";i:1;}}s:5:\"style\";a:2:{s:19:\"section_image_style\";a:4:{s:20:\"image_vertical_align\";i:1;s:12:\"image_border\";i:1;s:18:\"image_border_width\";i:1;s:19:\"image_border_radius\";i:1;}s:18:\"section_text_style\";a:1:{s:8:\"name_gap\";i:1;}}s:8:\"advanced\";a:1:{s:14:\"_section_style\";a:3:{s:8:\"_padding\";i:1;s:15:\"_padding_tablet\";i:1;s:15:\"_padding_mobile\";i:1;}}}}s:7:\"divider\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:0;s:8:\"controls\";a:1:{s:5:\"style\";a:1:{s:21:\"section_divider_style\";a:2:{s:6:\"weight\";i:1;s:3:\"gap\";i:1;}}}}s:6:\"spacer\";a:3:{s:5:\"count\";i:15;s:15:\"control_percent\";i:0;s:8:\"controls\";a:0:{}}s:11:\"text-editor\";a:3:{s:5:\"count\";i:21;s:15:\"control_percent\";i:0;s:8:\"controls\";a:1:{s:7:\"content\";a:1:{s:14:\"section_editor\";a:1:{s:6:\"editor\";i:21;}}}}s:5:\"image\";a:3:{s:5:\"count\";i:2;s:15:\"control_percent\";i:0;s:8:\"controls\";a:2:{s:7:\"content\";a:1:{s:13:\"section_image\";a:1:{s:5:\"image\";i:2;}}s:5:\"style\";a:1:{s:19:\"section_style_image\";a:1:{s:5:\"align\";i:1;}}}}s:14:\"code-highlight\";a:3:{s:5:\"count\";i:11;s:15:\"control_percent\";i:1;s:8:\"controls\";a:2:{s:7:\"content\";a:1:{s:15:\"section_content\";a:5:{s:8:\"language\";i:11;s:4:\"code\";i:11;s:12:\"line_numbers\";i:11;s:9:\"word_wrap\";i:2;s:6:\"height\";i:3;}}s:8:\"advanced\";a:1:{s:14:\"_section_style\";a:1:{s:7:\"_margin\";i:5;}}}}s:6:\"column\";a:3:{s:5:\"count\";i:4;s:15:\"control_percent\";i:0;s:8:\"controls\";a:2:{s:6:\"layout\";a:1:{s:6:\"layout\";a:4:{s:12:\"_inline_size\";i:4;s:21:\"space_between_widgets\";i:2;s:19:\"_inline_size_tablet\";i:2;s:16:\"content_position\";i:1;}}s:8:\"advanced\";a:2:{s:19:\"_section_responsive\";a:2:{s:11:\"hide_tablet\";i:1;s:11:\"hide_mobile\";i:1;}s:16:\"section_advanced\";a:3:{s:6:\"margin\";i:1;s:13:\"margin_tablet\";i:1;s:13:\"margin_mobile\";i:1;}}}}s:21:\"thegem-social-sharing\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:1;s:8:\"controls\";a:1:{s:7:\"content\";a:1:{s:13:\"section_icons\";a:6:{s:9:\"pinterest\";i:1;s:6:\"tumblr\";i:1;s:8:\"telegram\";i:1;s:8:\"whatsapp\";i:1;s:5:\"viber\";i:1;s:4:\"xing\";i:1;}}}}s:15:\"thegem-bloglist\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:0;s:8:\"controls\";a:1:{s:7:\"content\";a:3:{s:14:\"section_layout\";a:1:{s:23:\"thegem_elementor_preset\";i:1;}s:12:\"section_blog\";a:2:{s:6:\"source\";i:1;s:18:\"exclude_blog_posts\";i:1;}s:15:\"section_caption\";a:2:{s:14:\"show_separator\";i:1;s:13:\"show_comments\";i:1;}}}}s:7:\"section\";a:3:{s:5:\"count\";i:2;s:15:\"control_percent\";i:0;s:8:\"controls\";a:1:{s:6:\"layout\";a:2:{s:14:\"section_layout\";a:2:{s:13:\"content_width\";i:2;s:3:\"gap\";i:2;}s:17:\"section_structure\";a:1:{s:9:\"structure\";i:1;}}}}s:15:\"post-navigation\";a:3:{s:5:\"count\";i:1;s:15:\"control_percent\";i:2;s:8:\"controls\";a:2:{s:7:\"content\";a:1:{s:31:\"section_post_navigation_content\";a:5:{s:10:\"prev_label\";i:1;s:10:\"next_label\";i:1;s:12:\"show_borders\";i:1;s:5:\"arrow\";i:1;s:10:\"show_arrow\";i:1;}}s:5:\"style\";a:1:{s:11:\"title_style\";a:3:{s:27:\"title_typography_typography\";i:1;s:26:\"title_typography_font_size\";i:1;s:28:\"title_typography_font_weight\";i:1;}}}}}"],"_elementor_css":["a:6:{s:4:\"time\";i:1775577488;s:5:\"fonts\";a:0:{}s:5:\"icons\";a:0:{}s:20:\"dynamic_elements_ids\";a:1:{i:0;s:7:\"395589d\";}s:6:\"status\";s:4:\"file\";i:0;s:0:\"\";}"],"_elementor_page_assets":["a:2:{s:6:\"styles\";a:12:{i:0;s:16:\"widget-post-info\";i:1;s:16:\"widget-icon-list\";i:2;s:26:\"elementor-icons-fa-regular\";i:3;s:24:\"elementor-icons-fa-solid\";i:4;s:14:\"widget-heading\";i:5;s:17:\"widget-author-box\";i:6;s:14:\"widget-divider\";i:7;s:13:\"widget-spacer\";i:8;s:12:\"widget-image\";i:9;s:21:\"widget-code-highlight\";i:10;s:15:\"thegem-bloglist\";i:11;s:22:\"widget-post-navigation\";}s:7:\"scripts\";a:10:{i:0;s:18:\"elementor-frontend\";i:1;s:12:\"prismjs_core\";i:2;s:14:\"prismjs_loader\";i:3;s:17:\"prismjs_normalize\";i:4;s:17:\"highlight_handler\";i:5;s:25:\"prismjs_copy_to_clipboard\";i:6;s:23:\"thegem-items-animations\";i:7;s:11:\"thegem-blog\";i:8;s:19:\"thegem-blog-isotope\";i:9;s:15:\"post-navigation\";}}"],"_elementor_element_cache":["{\"timeout\":1775802713,\"value\":{\"content\":\"\\t\\t<section class=\\\"elementor-section elementor-top-section elementor-element elementor-element-63301b1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\\\" data-id=\\\"63301b1\\\" data-element_type=\\\"section\\\" data-e-type=\\\"section\\\">\\r\\n\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-container elementor-column-gap-no\\\"><div class=\\\"elementor-row\\\">\\r\\n\\t\\t\\t\\t\\t<div class=\\\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-a1bd42c\\\" data-id=\\\"a1bd42c\\\" data-element_type=\\\"column\\\" data-e-type=\\\"column\\\">\\n\\t\\t\\t<div class=\\\"elementor-widget-wrap elementor-element-populated\\\">\\n\\t\\t\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImRhMzVjM2YiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJpY29uX2xpc3QiOlt7InNlbGVjdGVkX2ljb24iOnsidmFsdWUiOiJmYXMgZmEtY2FsZW5kYXIiLCJsaWJyYXJ5IjoiZmEtc29saWQifSwiX2lkIjoiOGUxYjA5MCIsImN1c3RvbV9kYXRlX2Zvcm1hdCI6IkYgaiwgWSIsImN1c3RvbV90aW1lX2Zvcm1hdCI6Imc6aSBhIiwibGluayI6IiIsInNob3dfaWNvbiI6Im5vbmUifV0sIl9tYXJnaW4iOnsidW5pdCI6InB4IiwidG9wIjoiMCIsInJpZ2h0IjoiMCIsImJvdHRvbSI6IjA1IiwibGVmdCI6IjAiLCJpc0xpbmtlZCI6ZmFsc2V9LCJfX2dsb2JhbHNfXyI6eyJ0ZXh0X2NvbG9yIjoiZ2xvYmFsc1wvY29sb3JzP2lkPXByaW1hcnkifX0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InBvc3QtaW5mbyJ9\\\"][elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjM5NTU4OWQiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJ0aXRsZSI6IkFkZCBZb3VyIEhlYWRpbmcgVGV4dCBIZXJlIiwiaGVhZGVyX3NpemUiOiJkaXYiLCJ0aGVnZW1faGVhZGluZ19zdHlsZSI6InN0eWxlZC1zdWJ0aXRsZSIsIl9fZHluYW1pY19fIjp7InRpdGxlIjoiW2VsZW1lbnRvci10YWcgaWQ9XCI4Njk5YmMyXCIgbmFtZT1cInRoZWdlbS1wb3N0LWV4Y2VycHRcIiBzZXR0aW5ncz1cIiU3QiU3RFwiXSJ9fSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoiaGVhZGluZyJ9\\\"][elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjQ1OTJhZGMiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJzb3VyY2UiOiJjdXN0b20iLCJhdXRob3JfYXZhdGFyIjp7InVybCI6Imh0dHBzOlwvXC9rbXdsbGNjb20uc3RhZ2Uuc2l0ZVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyM1wvMDFcL0tpcmEzLTEuanBnIiwiaWQiOjI4NTc1LCJhbHQiOiIiLCJzb3VyY2UiOiJsaWJyYXJ5In0sImF1dGhvcl9uYW1lIjoiS2lyYSBUcmF5bm9yIiwiYXV0aG9yX25hbWVfdGFnIjoiZGl2IiwiYXV0aG9yX2JpbyI6IlNlYXJjaCBFbmdpbmVlciBhdCBLTVcgVGVjaG5vbG9neSIsImxpbmtfdGV4dCI6IkFsbCBQb3N0cyIsImltYWdlX3ZlcnRpY2FsX2FsaWduIjoidG9wIiwiaW1hZ2VfYm9yZGVyIjoieWVzIiwiaW1hZ2VfYm9yZGVyX3dpZHRoIjp7InVuaXQiOiJweCIsInNpemUiOjMsInNpemVzIjpbXX0sImltYWdlX2JvcmRlcl9yYWRpdXMiOnsidW5pdCI6InB4Iiwic2l6ZSI6MTAwLCJzaXplcyI6W119LCJuYW1lX2dhcCI6eyJ1bml0IjoicHgiLCJzaXplIjowLCJzaXplcyI6W119LCJfX2dsb2JhbHNfXyI6eyJpbWFnZV9ib3JkZXJfY29sb3IiOiJnbG9iYWxzXC9jb2xvcnM\\\/aWQ9NDI4ZjI3NyIsImJpb19jb2xvciI6Imdsb2JhbHNcL2NvbG9ycz9pZD1zZWNvbmRhcnkifSwiX3BhZGRpbmciOnsidW5pdCI6ImVtIiwidG9wIjoiMiIsInJpZ2h0IjoiMiIsImJvdHRvbSI6IjIiLCJsZWZ0IjoiMiIsImlzTGlua2VkIjp0cnVlfSwiX3BhZGRpbmdfdGFibGV0Ijp7InVuaXQiOiJlbSIsInRvcCI6IiIsInJpZ2h0IjoiIiwiYm90dG9tIjoiIiwibGVmdCI6IiIsImlzTGlua2VkIjp0cnVlfSwiX3BhZGRpbmdfbW9iaWxlIjp7InVuaXQiOiJlbSIsInRvcCI6IiIsInJpZ2h0IjoiIiwiYm90dG9tIjoiIiwibGVmdCI6IiIsImlzTGlua2VkIjp0cnVlfX0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6ImF1dGhvci1ib3gifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-9068a13 elementor-widget-divider--view-line flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-divider\\\" data-id=\\\"9068a13\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"divider.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-divider\\\">\\n\\t\\t\\t<span class=\\\"elementor-divider-separator\\\">\\n\\t\\t\\t\\t\\t\\t<\\\/span>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-f22d0cd flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"f22d0cd\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-3aea284 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"3aea284\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h2 class=\\\"elementor-heading-title elementor-size-large\\\">Introduction<\\\/h2>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImEzYWQ2M2YiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+SGF2ZSB5b3UgZXZlciBuZWVkZWQgdG8gZmluZCBvdXQgbW9yZSBhYm91dCB3aGF0J3MgZ29pbmcgb24gd2l0aCB5b3VyIFNvbHIgZGVwbG95bWVudD9cdTAwYTAgVGhlIFNvbHIgQWRtaW4gVUkgaXMgZ3JlYXQgYXQgY29tbXVuaWNhdGluZyB0aGUgb3ZlcmFsbCBoZWFsdGggb2YgdGhlIGNsdXN0ZXIsIGhvdyB0aGUgY29yZXMgYXJlIGRvaW5nIGFuZCB2YWxpZGF0aW5nIGNvbmZpZ3VyYXRpb24uIEJ1dCBzb21ldGltZXMgeW91IG5lZWQgdG8gZ28gYSBiaXQgZGVlcGVyIHRvIHVuZGVyc3RhbmQ6PFwvc3Bhbj48XC9wPjx1bD48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPldoYXQncyBteSBxdWVyeSBsYXRlbmN5PzxcL3NwYW4+PFwvbGk+PGxpIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIiBhcmlhLWxldmVsPVwiMVwiPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5Ib3cgbG9uZyBhcmUgY29tbWl0cyB0YWtpbmc\\\/PFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPklzIFNvbHIgdGhyb3dpbmcgYW55IGVycm9ycz88XC9zcGFuPjxcL2xpPjxsaSBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCIgYXJpYS1sZXZlbD1cIjFcIj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+V2hhdCBxdWVyaWVzIGFyZSByZXR1cm5pbmcgemVybyByZXN1bHRzPzxcL3NwYW4+PFwvbGk+PFwvdWw+PHA+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPldoZW4gd2UgbmVlZCB0byBrbm93IG1vcmUsIHdlIG5lZWQgdG8gbG9vayBhdCB0aGUgbG9ncy48XC9zcGFuPjxcL3A+PHA+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlRoZSBhYmlsaXR5IHRvIGFuYWx5emUgbG9nIGZpbGVzIGlzIGZvdW5kYXRpb25hbCB0byBtb25pdG9yaW5nIHRoZSBzdWNjZXNzIG9mIHlvdXIgU29sciBjbG91ZCBkZXBsb3ltZW50LiBMb2cgZmlsZXMgY29uc2lzdCBvZiA8XC9zcGFuPjxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5ldmVudHM8XC9zcGFuPjxcL2k+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPiB0aGF0IGFyZSBsb2dnZWQgd2l0aCBhIGRhdGUsIHRpbWVzdGFtcCwgZXZlbnQgbGV2ZWwgKHdhcm5pbmcsIGVycm9yLCBpbmZvLCBldGMuKSBhbmQgZXZlbnQgZGV0YWlsLiBUaGUgaW5mb3JtYXRpb24gY29udGFpbmVkIGluIHRoZSBsb2dzIGdpdmUgeW91IGluc2lnaHQgaW50byB3aGF0IGlzIGhhcHBlbmluZyB3aXRoaW4geW91ciBzeXN0ZW0uXHUwMGEwPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5BdCBLTVcgVGVjaG5vbG9neSwgd2UgZm9jdXMgb24gdXRpbGl6aW5nIG9wZW4tc291cmNlIHNvZnR3YXJlIGluIG91ciBzZWFyY2ggc29sdXRpb25zIGluIG9yZGVyIHRvIHN1cHBvcnQgYW5kIGNvbnRyaWJ1dGUgdG8gY29tbXVuaXR5LWRyaXZlbiBkZXZlbG9wbWVudC4gQXMgc3VjaCwgd2UgaGF2ZSBhIGxvdCBvZiBleHBlcnRpc2UgaW4gd29ya2luZyB3aXRoIFNvbHIuIFdoZW4gaXQgY29tZXMgdG8gYW5hbHl6aW5nIFNvbHIgbG9ncywgU29sciBkb2VzIGhhdmUgc29tZSBvdXQgb2YgdGhlIGJveCB0b29scy4gSG93ZXZlciwgd2VcdTIwMTl2ZSBmb3VuZCB0aGF0IHRob3NlIHRvb2xzIGRvblx1MjAxOXQgZ2l2ZSBhIGxvdCBvZiBvcHRpb25zIGZvciBjcmVhdGluZyByaWNoIHZpc3VhbCBhbmFseXNpcy4gV2VcdTIwMTl2ZSBhbHNvIGZvdW5kIHRoZXJlXHUyMDE5cyBubyBncmVhdCB3YXkgdG8gYW5hbHl6ZSBsb2dzIGluIHJlYWwgdGltZS4gU28gd2hhdCBkbyB3ZSBkbz8gV2UgdHVybiB0byBhbm90aGVyIG9wZW4tc291cmNlIHBsYXRmb3JtOiBFbGFzdGljLiBVc2luZyBFbGFzdGljXHUyMDE5cyBFTEsgc3RhY2ssIHdlIGNhbiBpbmdlc3QgU29sciBsb2cgZmlsZXMgYW5kIGxldmVyYWdlIHRvb2xzIGxpa2UgS2liYW5hIHRvIHF1ZXJ5IGFuZCB2aXN1YWxpemUgd2hhdFx1MjAxOXMgaGFwcGVuaW5nIGluIFNvbHIuPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5JbiB0aGlzIHBvc3QsIHdlXHUyMDE5bGwgZ28gb3ZlciBob3cgdG8gdXNlIEVsYXN0aWNzZWFyY2ggYW5kIGl0cyB0b29scyB3aXRoaW4gdGhlIEVMSyBzdGFjayB0byBxdWVyeSwgYW5hbHl6ZSBhbmQgdmlzdWFsaXplIHlvdXIgU29sciBsb2dzLiBJdCdzIGVhc2llciB0aGFuIHlvdSBtaWdodCB0aGluayE8XC9zcGFuPjxcL3A+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-f2e09fa flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"f2e09fa\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-456081b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"456081b\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h2 class=\\\"elementor-heading-title elementor-size-large\\\">The ELK Stack<\\\/h2>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImNlYWM2NmQiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+VGhlIGZvdXIgY29tcG9uZW50cyBvZiB0aGUgPGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvd2hhdC1pc1wvZWxrLXN0YWNrXCI+RUxLIHN0YWNrPFwvYT4gYXJlOiA8XC9zcGFuPjxiPkU8XC9iPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5sYXN0aWNzZWFyY2g8XC9zcGFuPjxiPiwgTDxcL2I+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPm9nc3Rhc2gsIDxcL3NwYW4+PGI+SzxcL2I+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPmliYW5hLCBhbmQgQmVhdHMuIFRoZSBwcm9jZXNzIGJlZ2lucyB3aXRoIEJlYXRzLCBhIHBsYXRmb3JtIHdpdGggbXVsdGlwbGUgZGlmZmVyZW50IGRhdGEgc2hpcHBlcnMuIEZpbGViZWF0IGlzIG9uZSBvZiB0aGVzZSBkYXRhIHNoaXBwZXJzLCBhbmQgc2V0dGluZyB1cCBGaWxlYmVhdCBpcyB0aGUgZmlyc3Qgc3RlcCB0byBpbmdlc3RpbmcgeW91ciBsb2dzLiBPbmNlIEZpbGViZWF0IGlzIGhvb2tlZCBpbnRvIHlvdXIgU29sciBsb2dzLCB5b3VyIGxvZyBkYXRhIGNhbiB0aGVuIGJlIHNoaXBwZWQgdG8gTG9nc3Rhc2ggd2hpY2ggd2lsbCBpbmdlc3QgdGhlIGxvZ3MuIFdoZW4gTG9nc3Rhc2ggaW5nZXN0cyBhbmQgcGFyc2VzIHRoZSBsb2cgZGF0YSwgY3JlYXRlIGFuIGluZGV4IGluIEVsYXN0aWNzZWFyY2ggYW5kIGFkZCB0aGUgbG9ncyB0byB0aGlzIGluZGV4LiBPbmNlIEVsYXN0aWNzZWFyY2ggaGFzIGFsbCB0aGUgZGF0YSwgeW91IGNhbiB1c2UgS2liYW5hIHRvIHF1ZXJ5IHlvdXIgbG9nIGRhdGEgYW5kIGNyZWF0ZSB2aXN1YWxpemF0aW9ucyB0aGF0IGFpZCBpbiB5b3VyIGFuYWx5c2lzLjxcL3NwYW4+PFwvcD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-bb09f3e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"bb09f3e\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-100498f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-image\\\" data-id=\\\"100498f\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"image.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t<img width=\\\"1024\\\" height=\\\"267\\\" src=\\\"https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis-1024x267.png\\\" class=\\\"attachment-large size-large wp-image-28330\\\" alt=\\\"\\\" srcset=\\\"https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis-1024x267.png 1024w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis-300x78.png 300w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis-768x200.png 768w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/elk_stack_log_analysis.png 1055w\\\" sizes=\\\"(max-width: 1024px) 100vw, 1024px\\\" \\\/>\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-35098e5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"35098e5\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-542d17f flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"542d17f\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h2 class=\\\"elementor-heading-title elementor-size-large\\\">\\nThe Process<\\\/h2>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-72e5dea flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"72e5dea\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Installing &amp; Configuring ELK<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImU1YzdjMTIiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5JbnN0YWxsIHRoZSBmb2xsb3dpbmcgcHJvZHVjdHM6PFwvcD48dWw+PGxpIGFyaWEtbGV2ZWw9XCIxXCI+PGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvZG93bmxvYWRzXC9wYXN0LXJlbGVhc2VzI2VsYXN0aWNzZWFyY2hcIj5FbGFzdGljc2VhcmNoPFwvYT48XC9saT48bGkgYXJpYS1sZXZlbD1cIjFcIj48YSBocmVmPVwiaHR0cHM6XC9cL3d3dy5lbGFzdGljLmNvXC9kb3dubG9hZHNcL3Bhc3QtcmVsZWFzZXMjbG9nc3Rhc2hcIj5Mb2dzdGFzaDxcL2E+PFwvbGk+PGxpIGFyaWEtbGV2ZWw9XCIxXCI+PGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvZG93bmxvYWRzXC9wYXN0LXJlbGVhc2VzI2tpYmFuYVwiPktpYmFuYTxcL2E+PFwvbGk+PGxpIGFyaWEtbGV2ZWw9XCIxXCI+PGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvZG93bmxvYWRzXC9wYXN0LXJlbGVhc2VzI2ZpbGViZWF0XCI+RmlsZWJlYXQ8XC9hPjxcL2xpPjxcL3VsPjxwPkVuc3VyZSB0aGF0IGVhY2ggb2YgdGhlIGRvd25sb2FkZWQgcHJvZHVjdHMgYXJlIGNvbXBhdGlibGUgd2l0aCBlYWNoIG90aGVyLCBpLmUuIGFsbCBoYXZlIHRoZSB2ZXJzaW9uIDguNC4yLiBZb3UgY2FuIGZpbmQgdGhlIGNvbXBhdGliaWxpdHkgbWF0cml4XHUwMGEwPGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvc3VwcG9ydFwvbWF0cml4I21hdHJpeF9jb21wYXRpYmlsaXR5XCI+aGVyZS48XC9hPjxcL3A+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-9ca01a5 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"9ca01a5\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-7de389b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"7de389b\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Pointing Filebeat at Your Logs<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImYyNzE2OTQiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+RmlsZWJlYXRcdTIwMTlzIHJvbGUgd2lsbCBiZSB0byBtb25pdG9yIHRoZSBmaWxlcyB0aGF0IGFyZSBpbiBhIGRlZmluZWQgaW5wdXQgbG9jYXRpb24gYW5kIHNlbmQgdGhlbSB0byBhIGRlZmluZWQgb3V0cHV0IGxvY2F0aW9uLiBJbiB0aGlzIGNhc2UsIHRoZSBpbnB1dCB3aWxsIGJlIHRoZSBwYXRoIHRvIHlvdXIgU29sciBsb2dzIGFuZCB0aGUgb3V0cHV0IHdpbGwgYmUgTG9nc3Rhc2guPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5Zb3UgY2FuIGNob29zZSB0byBlaXRoZXIgYWN0aXZlbHkgbW9uaXRvciB5b3VyIGxvZ3MgaW4gcmVhbCB0aW1lIG9yIGluZ2VzdCBhIHNhdmVkIHNldCBvZiBsb2dzIHRoYXQgY2FtZSBmcm9tIGEgY2VydGFpbiB0aW1lIHBlcmlvZC4gSW4gZWl0aGVyIHNjZW5hcmlvLCB0aGUgRmlsZWJlYXQgc2V0dXAgd2lsbCBiZSB0aGUgc2FtZS4gSG93ZXZlciwgaWYgeW91IGFyZSBub3QgbW9uaXRvcmluZyB5b3VyIGxvZ3MgaW4gcmVhbCB0aW1lIEZpbGViZWF0IG9ubHkgaGFzIHRvIHJ1biBvbmNlIGFuZCBjYW4gYmUgdGVybWluYXRlZCB3aGVuIGl0IGhhcyBmaW5pc2hlZC4gT3RoZXJ3aXNlLCBGaWxlYmVhdCBzaG91bGQgYmUgbGVmdCBydW5uaW5nIHNvIHRoYXQgaXQgY2FuIGNvbnRpbnVlIHRvIHNlbmQgbG9nIHVwZGF0ZXMgaW4gcmVhbCB0aW1lLjxcL3NwYW4+PFwvcD48cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+V2l0aGluIHRoZSBkb3dubG9hZGVkIEZpbGViZWF0IHBhY2thZ2UsIGZpbmQgPFwvc3Bhbj48Yj5maWxlYmVhdC55bWw8XC9iPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj4uPFwvc3Bhbj48XC9wPjxvbD48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPkFkZCB0aGUgcGF0aChzKSB0byB5b3VyIFNvbHIgbG9ncyB1bmRlciB0aGU8XC9zcGFuPjxiPiBmaWxlYmVhdC5pbnB1dHM8XC9iPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj4gc2VjdGlvbiBhbmQgc2V0IGVuYWJsZWQgdG8gdHJ1ZS4gWW91IGNhbiB1c2UgPFwvc3Bhbj48Yj5nbG9iPFwvYj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+IHRvIG1hdGNoIG11bHRpcGxlIGxvZ3MuPFwvc3Bhbj48XC9saT48XC9vbD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-0b2677c flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"0b2677c\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>filebeat.inputs:\\r\\n- type: log\\r\\n  # Change to true to enable this input configuration.\\r\\n  enabled: true\\r\\n  # Paths that should be crawled and fetched. Glob based paths.\\r\\n  paths:\\r\\n    - \\\/Downloads\\\/Logs\\\/SolrLogs\\\/solr.log*<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjMxNDUxMWUiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8b2wgc3RhcnQ9XCIyXCI+XG4gXHQ8bGkgYXJpYS1sZXZlbD1cIjFcIj5VbmRlciB0aGUgS2liYW5hIHNlY3Rpb24sIG1ha2Ugc3VyZSB0aGF0IHRoZSBLaWJhbmEgaG9zdCBpcyBzZXQgdG8geW91ciBzcGVjaWZpYyBLaWJhbmEgaG9zdC4gWW91IGRvIG5vdCBuZWVkIHRvIHNldCBhbnl0aGluZyBmb3IgdGhlIEVsYXN0aWNzZWFyY2ggb3V0cHV0LjxcL2xpPlxuPFwvb2w+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-1aa4cac flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"1aa4cac\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>setup.kibana:\\r\\n  # Kibana Host\\r\\n  host: \\\"localhost:5601\\\"<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjQ0YTJlZjciLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8b2wgc3RhcnQ9XCIzXCI+XG4gXHQ8bGkgYXJpYS1sZXZlbD1cIjFcIj5TaW5jZSB3ZSB3YW50IHRvIGNvbm5lY3QgaXQgdG8gTG9nc3Rhc2gsIHNldCB0aGUgb3V0cHV0IGFjY29yZGluZ2x5LiBNYWtlIHN1cmUgb3V0cHV0LmVsYXN0aWNzZWFyY2ggaXMgbm90IHNldCB0byBhbnl0aGluZyBhbmQgb3V0cHV0LmxvZ3N0YXNoIGlzIHNldDo8XC9saT5cbjxcL29sPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-8c7ff30 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"8c7ff30\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>output.logstash:\\r\\n  # The Logstash hosts\\r\\n  hosts: [\\\"0.0.0.0:5044\\\"]<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjM0MDFlOWUiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48aT5Ob3RlPFwvaT46IHRoZXJlIGFyZSBvdGhlciBzZWN0aW9ucyBvZiBGaWxlYmVhdCB0aGF0IGNhbiBiZSBjb25maWd1cmVkLCBidXQgZm9yIHRoaXMgZXhhbXBsZSB3ZSBhcmUgbGVhdmluZyB0aGVzZSBzZWN0aW9ucyBzZXQgYWNjb3JkaW5nIHRvIHRoZSB2YWx1ZXMgdGhhdCBhcmUgcHJlLWxvYWRlZCB3aGVuIHlvdSBmaXJzdCBpbnN0YWxsIEZpbGViZWF0LjxcL3A+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-917cb9e flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"917cb9e\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-ee56829 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"ee56829\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Configuring Logstash<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImY2MTAxY2EiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+TG9nc3Rhc2ggaXMgYW4gRVRMIHRvb2wgdGhhdCByZXF1aXJlcyBzb21lIGluaXRpYWwgY29uZmlndXJhdGlvbi4gSXQgaXMgdGhlIHBpcGVsaW5lIHRoYXQgdGFrZXMgZmlsZXMgZnJvbSBGaWxlYmVhdCwgaW5nZXN0cyBhbmQgdHJhbnNmb3JtcyB0aGUgZGF0YSBzbyB0aGF0IGl0IGNhbiBiZSBpbmRleGVkLCBhbmQgc2VuZHMgaXQgdG8gRWxhc3RpY3NlYXJjaCB0byBiZSBtYWRlIHNlYXJjaGFibGUuXHUwMGEwPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5Mb2dzdGFzaCBoYXMgdG8gYmUgY29uZmlndXJlZCBhY2NvcmRpbmdseSB0byBlbnN1cmUgdGhhdCB0aGUgZGF0YSB0aGF0IGlzIGluIHlvdXIgbG9ncyBpcyBjYXB0dXJlZCBhbmQgbWFkZSBzZWFyY2hhYmxlIGFzIGZpdHMgeW91ciBuZWVkcy4gVGhpcyBtZWFucyBpZGVudGlmeWluZyB3aGF0IGNvbnRlbnQgZnJvbSB0aGUgU29sciBsb2cgZmlsZXMgaXMgaW1wb3J0YW50IHRvIHJldGFpbiBhbmQgd2hhdCBtaWdodCBub3QgYmUgbmVjZXNzYXJ5LiBJbiB0aGUgYmVsb3cgZXhhbXBsZSwgd2Ugd2lsbCB3YWxrIHRocm91Z2ggd2hhdCB3ZSBjb25zaWRlciBhIGJhc2ljIExvZ3N0YXNoIGNvbmZpZ3VyYXRpb24gZm9yIFNvbHIgbG9nIGluZ2VzdGlvblx1MjAxMyBidXQgYmUgYXdhcmUgdGhhdCB5b3VyIHVzZSBjYXNlIG1pZ2h0IGJlIGRpZmZlcmVudC48XC9zcGFuPjxcL3A+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-5db1562 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"5db1562\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-147f8dc flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"147f8dc\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Setting up the Pipeline<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjQyNTBkNGUiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+VGhlIGZpcnN0IHN0ZXAgaXMgdG8gc2V0IHVwIHRoZSBwaXBlbGluZSBmb3IgTG9nc3Rhc2guIEFzIHlvdVx1MjAxOWxsIHNlZSBiZWxvdywgeW91IHdpbGwgdXNlIEdyb2sgdG8gbWF0Y2ggYW5kIGZpbHRlciB0aGUgY29udGVudCBpbiB0aGUgbG9ncy4gR3JvayBpcyBzaW1pbGFyIHRvIHJlZ3VsYXIgZXhwcmVzc2lvbiBpbiB0aGF0IGl0IGlzIGEgc2VhcmNoIHBhdHRlcm4gdGhhdCBjYW4gYmUgbWF0Y2hlZCB0byB0ZXh0LiBUaGlzIHdpbGwgYWxsb3cgeW91IHRvIHNldCB2YWx1ZXMgdG8gZmllbGRzLiBTb21lIGRvY3VtZW50YXRpb24gYW5kIGV4YW1wbGVzIG9mIEdyb2sgc3RhdGVtZW50cyBmcm9tIEVsYXN0aWNzZWFyY2ggY2FuIGJlIGZvdW5kIDxcL3NwYW4+PGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvZ3VpZGVcL2VuXC9lbGFzdGljc2VhcmNoXC9yZWZlcmVuY2VcL2N1cnJlbnRcL2dyb2stcHJvY2Vzc29yLmh0bWxcIj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+aGVyZTxcL3NwYW4+PFwvYT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+LjxcL3NwYW4+PFwvcD48cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+V2l0aGluIHRoZSBpbnN0YWxsZWQgTG9nc3Rhc2ggcGFja2FnZSwgbG9jYXRlIHRoZSA8XC9zcGFuPjxiPmNvbmZcL2xvZ3N0YXNoLXNhbXBsZS5jb25mPFwvYj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+IGZpbGUuIFRoZXJlIHNob3VsZCBiZSBhbiBpbnB1dHMgYW5kIGFuIG91dHB1dHMgc2VjdGlvbi48XC9zcGFuPjxcL3A+PG9sPjxsaT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+PHN0cm9uZz5BZGQgYSBmaWx0ZXIgc2VjdGlvbiBhZnRlciB0aGUgaW5wdXRzPFwvc3Ryb25nPi4gVGhpcyB3aWxsIGJlIHdoZXJlIHlvdSBjYW4gY3JlYXRlIEdyb2sgc3RhdGVtZW50cyB0byBmaWx0ZXIgYW5kIG1hdGNoIHRoZSBkYXRhIHRoYXQgeW91IHdhbnQgZnJvbSB5b3VyIGxvZ3MuIFRoZSBmb2xsb3dpbmcgY29kZSBtYXRjaGVzIHRoZSA8XC9zcGFuPjxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj50aW1lPFwvc3Bhbj48XC9pPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj4gYW5kPFwvc3Bhbj48aT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+IGxvZyBsZXZlbDxcL3NwYW4+PFwvaT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+IGZyb20gU29sciBsb2dzIGFuZCBzZXRzIHRob3NlIHZhbHVlcyB0byB0aGUgTG9nVGltZSBhbmQgbGV2ZWwgZmllbGRzLjxcL3NwYW4+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPiBVc2UgdGhlIEdyb2sgZGVidWdnZXIgZnJvbSBLaWJhbmEgdG8gY2hlY2sgaWYgdGhlIEdyb2sgc3RhdGVtZW50cyBhcmUgbWF0Y2hpbmcgdGhlIGNvcnJlY3QgZGF0YS48YnIgXC8+PFwvc3Bhbj48YnIgXC8+XHUwMGEwQWRkaXRpb25hbGx5LCB5b3UgY2FuIGFkZCBHcm9rIHRoYXQgbG9va3MgbGlrZSB0aGUgZXhhbXBsZSBiZWxvdywgd2hpY2ggd2lsbCBtYXRjaCB0aGUgYmFzaWMgbG9nIGNvbmZpZ3VyYXRpb24gZm9yIFNvbHIgbG9ncy4gS2VlcCBpbiBtaW5kIHlvdSBjYW4gYWxzbyBtYXRjaCBlcnJvciBsZXZlbCBsb2dzIGFuZCBnYXJiYWdlIGNvbGxlY3Rpb24gbG9ncy48XC9saT48XC9vbD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-cde19d4 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"cde19d4\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard word-wrap\\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp> if \\\"INFO\\\" in [level] {\\r\\n   grok {\\r\\n     match => [\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{DATA:params}\\\\} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\\\",\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{DATA:params}\\\\} hits=%{NUMBER:hits_i} status=%{NUMBER:status_i} QTime=%{NUMBER:qtime_i}\\\",\\r\\n       \\\"message\\\", \\\"%{DATESTAMP} %{LOGLEVEL} (%{DATA}) \\\\[(c:%{DATA:collection}| ) (s:%{DATA}|)\\\\] %{DATA} \\\\[%{WORD:core_node_name_s}\\\\] %{SPACE} webapp=\\\\\\\/?%{WORD:webapp} path=%{DATA:path_s} params=\\\\{%{GREEDYDATA:params}\\\\} %{NUMBER:status_i} %{NUMBER:qtime_i}\\\"\\r\\n     ]\\r\\n     tag_on_failure => []\\r\\n   }\\r\\n   if [params] {\\r\\n     kv {\\r\\n       field_split_pattern => \\\"&|}{\\\"\\r\\n       source => \\\"params\\\"\\r\\n     }\\r\\n} <\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjRmOGFkNzkiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8b2wgc3RhcnQ9XCIyXCI+PGxpPjxzdHJvbmc+Q29uZmlndXJlIHRoZSBvdXRwdXQuPFwvc3Ryb25nPjxvbD48bGk+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlNldCBFbGFzdGljc2VhcmNoIGhvc3QgdG8gPGNvZGU+XCJodHRwczpcL1wvbG9jYWxob3N0OjkyMDBcIjxcL2NvZGU+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlwiPFwvc3Bhbj48XC9zcGFuPjxcL2xpPjxsaT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+U2V0IHRoZSB0ZW1wbGF0ZSB0byB0aGUgcGF0aC4gV2Ugd2lsbCBzZXQgdXAgdGhlIHRlbXBsYXRlIChtYXBwaW5nKSBhZnRlciB0aGlzLlx1MDBhMDxcL3NwYW4+PFwvbGk+PGxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5TZXQgaW5kZXggbmFtZTxcL3NwYW4+PFwvbGk+PGxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+U2V0IHRoZSB1c2VyIGFuZCBwYXNzd29yZCBmcm9tIHlvdXIgZWxhc3RpY3NlYXJjaCBvciBzc2xfY2VydGlmaWNhdGVfdmVyaWZpY2F0aW9uPFwvc3Bhbj48XC9zcGFuPjxcL2xpPjxcL29sPjxcL2xpPjxcL29sPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-977f807 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"977f807\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-9c668ea flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"9c668ea\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Defining the Mappings (Index Template)<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjY0NDEwNGMiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+U2luY2UgeW91XHUyMDE5cmUgZmFtaWxpYXIgd2l0aCBTb2xyLCB5b3Uga25vdyB0aGF0IGEgY29sbGVjdGlvbiA8XC9zcGFuPjxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5zY2hlbWE8XC9zcGFuPjxcL2k+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPiBkZWNsYXJlcyB0aGUgZmllbGRzIGFuZCBjb3JyZXNwb25kaW5nIGRhdGEgdHlwZXMgcGVyIGZpZWxkLiBJbiBFbGFzdGljc2VhcmNoLCBhIHNjaGVtYSBpcyByZWZlcnJlZCB0byBhcyBhIDxcL3NwYW4+PGk+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPm1hcHBpbmc8XC9zcGFuPjxcL2k+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPiwgYW5kIHRoZSBtYXBwaW5nIGlzIGFwcGxpZWQgdG8gYSBzcGVjaWZpYyA8XC9zcGFuPjxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5pbmRleDxcL3NwYW4+PFwvaT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+LiBBIExvZ3N0YXNoIGluZGV4IHRlbXBsYXRlIGlzIG5lZWRlZCBpbiBvcmRlciB0byBkZWZpbmUgdGhlIG1hcHBpbmdzIHRoYXQgRWxhc3RpY3NlYXJjaCB3aWxsIHVzZSB0byBjcmVhdGUgYW4gaW5kZXggb2YgeW91ciBTb2xyIGxvZyBmaWxlcy48XC9zcGFuPjxcL3A+PHA+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPktlZXAgaW4gbWluZCB0aGF0IGluZGV4IHRlbXBsYXRlcyBhcmUgb25seSBhcHBsaWVkIGF0IGluZGV4IGNyZWF0aW9uIG9yIGR1cmluZyBhIHJlLWluZGV4LjxcL3NwYW4+PFwvcD48cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+SWYgeW91IGRvblx1MjAxOXQgc3BlY2lmeSBtYXBwaW5ncyBmb3IgZWFjaCBvZiB0aGUgZmllbGRzIHRoYXQgeW91IGFyZSBtYXRjaGluZyBmcm9tIHRoZSBHcm9rIHN0YXRlbWVudHMsIEVsYXN0aWNzZWFyY2ggd2lsbCBzdGlsbCBpbmdlc3QgdGhlIGxvZ3MgYW5kIGFzc3VtZSBhIHR5cGUgZm9yIGVhY2ggZmllbGQuIFRoaXMgY2FuIGJlIHByb2JsZW1hdGljIGlmIEVsYXN0aWNzZWFyY2ggYXNzdW1lcyB0aGUgd3JvbmcgZmllbGQgdHlwZS4gRm9yIGV4YW1wbGUsIGlmIGEgZmllbGQgd2l0aCBhbiBpbnRlZ2VyIHR5cGUgaXMgaW5nZXN0ZWQgYXMgYSBzdHJpbmcgdHlwZSB5b3Ugd2lsbCBub3QgYmUgYWJsZSB0byByZXByZXNlbnQgaXQgaW4gdGhlIGNvcnJlY3Qgd2F5IGluIGEgS2liYW5hIGdyYXBoIHVzaW5nIG1pbmltdW1zLCBtYXhpbXVtcywgYXZlcmFnZXMgb3Igb3RoZXIgbWF0aGVtYXRpY2FsIG9wZXJhdGlvbnMuPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5UbyBzdGFydCBtYWtpbmcgYSB0ZW1wbGF0ZSwgY3JlYXRlIGEgSlNPTiBmaWxlIHVzaW5nIHRoZSBleGFtcGxlIHRlbXBsYXRlIGJlbG93LiBUaGUgbmFtZSBhbmQgcGF0aCBoYXMgdG8gYmUgd2hhdGV2ZXIgeW91IHNldCB5b3VyIHRlbXBsYXRlIHRvIGluIHRoZSBwaXBlbGluZSBhYm92ZS4gVGhlcmUgYXJlIHR3byBtYWluIGNvbXBvbmVudHMgdG8gdGhlIGluZGV4IHRlbXBsYXRlLjxcL3NwYW4+PFwvcD48b2w+PGxpIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIiBhcmlhLWxldmVsPVwiMVwiPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5JbmNsdWRlIHlvdXIgPGNvZGU+aW5kZXhfcGF0dGVybnM8XC9jb2RlPjxcL3NwYW4+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlx1MDBhMHRvIG1hdGNoIHRoZSBpbmRpY2VzIHlvdSB3YW50LjxcL3NwYW4+PFwvbGk+PGxpPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+SW5jbHVkZSB0aGUgPGNvZGU+bWFwcGluZ3M8XC9jb2RlPiBtYXAuIFRoaXMgcGFydCBpbmNsdWRlcyB0aGUgbWFwcGluZyBvZiB0aGUgZmllbGRzIHRvIHRoZWlyIGRhdGEgdHlwZS4gU2luY2UgeW91IGFscmVhZHkgc2V0IHVwIHlvdXIgcGlwZWxpbmUgaW4gdGhlIHNlY3Rpb24gYWJvdmUsIHlvdSBrbm93IHdoYXQgZmllbGRzIHlvdSBhcmUgbWF0Y2hpbmcgZnJvbSB0aGUgbG9ncy4gRm9yIGVhY2ggb2YgdGhlIGZpZWxkcywgZGV0ZXJtaW5lIHdoYXQgZGF0YSB0eXBlIHRoZXkgc2hvdWxkIGJlLiBGb3IgZXhhbXBsZSwgaWYgeW91IGFyZSBtYXRjaGluZyBxdWVyeSB0aW1lIHZhbHVlcyBpbiB5b3VyIGxvZyBhbmQgeW91IGNhbGxlZCB0aGUgZmllbGQgPGNvZGU+cXRpbWVfaTxcL2NvZGU+IGJlY2F1c2UgaXQgaXMgYW4gaW50ZWdlciB2YWx1ZSwgeW91IHNob3VsZCBhZGQgdGhpcyB0byB5b3VyIG1hcHBpbmdzLiBGcm9tIEVsYXN0aWNzZWFyY2hcdTIwMTlzIGRvY3VtZW50YXRpb24sIDxhIGhyZWY9XCJodHRwczpcL1wvd3d3LmVsYXN0aWMuY29cL2d1aWRlXC9lblwvZWxhc3RpY3NlYXJjaFwvcmVmZXJlbmNlXC84LjRcL21hcHBpbmctdHlwZXMuaHRtbFwiPmhlcmU8XC9hPiBhcmUgYWxsIHRoZSBkaWZmZXJlbnQgdHlwZXMgdGhhdCB5b3UgY2FuIGluY2x1ZGUgaW4geW91ciBtYXBwaW5nLiBFYWNoIGZpZWxkIGNhbiBvbmx5IGhhdmUgb25lIGRhdGEgdHlwZS48XC9zcGFuPjxcL3NwYW4+PFwvbGk+PFwvb2w+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-2e5d380 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"2e5d380\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>\\\"qtime_i\\\":{\\r\\n    \\\"type\\\": \\\"integer\\\",\\r\\n    \\\"fields\\\":{\\r\\n        \\\"keyword\\\":{\\r\\n            \\\"type\\\": \\\"keyword\\\", \\r\\n            \\\"ignore_above\\\": 256\\r\\n        }\\r\\n    }\\r\\n}<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6Ijc0YWYwNWQiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5cdTAwYTA8XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5UaGUgd2hvbGUgdGVtcGxhdGUgd2lsbCBsb29rIHNvbWV0aGluZyBsaWtlIHdoYXQgaXMgYmVsb3cuPFwvc3Bhbj48XC9wPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-08389d6 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"08389d6\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard word-wrap\\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>{\\r\\n \\\"template\\\": \\\"solr-logs-template\\\",\\r\\n \\\"index_patterns\\\": [\\\"solr-logs*\\\"],\\r\\n \\\"mappings\\\" : {\\r\\n   \\\"properties\\\" : {\\r\\n     \\\"@timestamp\\\" : {\\r\\n       \\\"type\\\" : \\\"date\\\"\\r\\n     },\\r\\n     \\\"@version\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"LogTime\\\" : {\\r\\n       \\\"type\\\" : \\\"date\\\",\\r\\n       \\\"format\\\" : \\\"yy-MM-dd HH:mm:ss.SSS\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"agent\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"ephemeral_id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"hostname\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"type\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"version\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"commit\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"core_node_name_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"ecs\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"version\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"file\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"fl\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"hits_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"host\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"architecture\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"hostname\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"id\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"name\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"os\\\" : {\\r\\n           \\\"properties\\\" : {\\r\\n             \\\"build\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"family\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"kernel\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"name\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"platform\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             },\\r\\n             \\\"version\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"input\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"type\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"level\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"log\\\" : {\\r\\n       \\\"properties\\\" : {\\r\\n         \\\"file\\\" : {\\r\\n           \\\"properties\\\" : {\\r\\n             \\\"path\\\" : {\\r\\n               \\\"type\\\" : \\\"text\\\",\\r\\n               \\\"fields\\\" : {\\r\\n                 \\\"keyword\\\" : {\\r\\n                   \\\"type\\\" : \\\"keyword\\\",\\r\\n                   \\\"ignore_above\\\" : 256\\r\\n                 }\\r\\n               }\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"flags\\\" : {\\r\\n           \\\"type\\\" : \\\"text\\\",\\r\\n           \\\"fields\\\" : {\\r\\n             \\\"keyword\\\" : {\\r\\n               \\\"type\\\" : \\\"keyword\\\",\\r\\n               \\\"ignore_above\\\" : 256\\r\\n             }\\r\\n           }\\r\\n         },\\r\\n         \\\"offset\\\" : {\\r\\n           \\\"type\\\" : \\\"long\\\"\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"message\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"params\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"path_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"q\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"qt\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"qtime_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"rows\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"status_i\\\" : {\\r\\n       \\\"type\\\" : \\\"integer\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"tags\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"version\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"webapp_s\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"threads_stopped_for_seconds_i\\\" : {\\r\\n       \\\"type\\\" : \\\"float\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     },\\r\\n     \\\"wt\\\" : {\\r\\n       \\\"type\\\" : \\\"text\\\",\\r\\n       \\\"fields\\\" : {\\r\\n         \\\"keyword\\\" : {\\r\\n           \\\"type\\\" : \\\"keyword\\\",\\r\\n           \\\"ignore_above\\\" : 256\\r\\n         }\\r\\n       }\\r\\n     }\\r\\n   }\\r\\n }\\r\\n}\\r\\n\\r\\n<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-7073332 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"7073332\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-1ded788 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"1ded788\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h2 class=\\\"elementor-heading-title elementor-size-large\\\">Running ELK<\\\/h2>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjgwYzVlMmYiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+Tm93IHRoYXQgc2V0dXAgaGFzIGJlZW4gY29tcGxldGVkLCB5b3VcdTIwMTlyZSByZWFkeSB0byBydW4gYWxsIGZvdXIgcGFydHM6IEVsYXN0aWNzZWFyY2gsIEtpYmFuYSwgTG9nc3Rhc2gsIEZpbGViZWF0LjxcL3NwYW4+PFwvcD48dWw+PGxpIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIiBhcmlhLWxldmVsPVwiMVwiPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5SdW4gRWxhc3RpY3NlYXJjaC5cdTAwYTAgRnJvbSB0aGUgRWxhc3RpY3NlYXJjaCBwYWNrYWdlIHJ1biA8Y29kZT5bLlwvYmluXC9lbGFzdGljc2VhcmNoXTxcL2NvZGU+LiBFbGFzdGljc2VhcmNoIHdpbGwgYmUgZm91bmQgYXQgPGNvZGU+W2h0dHBzOlwvXC9sb2NhbGhvc3Q6OTIwMF08XC9jb2RlPjxcL3NwYW4+PFwvbGk+PGxpIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIiBhcmlhLWxldmVsPVwiMVwiPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5SdW5uaW5nIEtpYmFuYSBtYXkgYmUgdXNlZnVsIGR1cmluZyB0aGUgY29uZmlndXJhdGlvbiBvZiBMb2dzdGFzaCBmb3IgdGhlIEdyb2sgZGVidWdnZXIuIEJlIGF3YXJlIHRoYXQgeW91IG5lZWQgdG8gaGF2ZSBFbGFzdGljc2VhcmNoIHJ1bm5pbmcgaW4gb3JkZXIgdG8gcnVuIEtpYmFuYS4gRnJvbSB0aGUgS2liYW5hIHBhY2thZ2UgcnVuIDxjb2RlPlsuXC9iaW5cL2tpYmFuYV08XC9jb2RlPi4gS2liYW5hIHdpbGwgYmUgZm91bmQgYXQgPGNvZGU+W2h0dHA6XC9cL2xvY2FsaG9zdDo1NjAxXS48XC9jb2RlPlRoaXMgaXMgd2hlcmUgeW91IHdpbGwgYmUgZG9pbmcgdGhlIGRhdGEgcXVlcnlpbmcgYW5kIHZpc3VhbGl6YXRpb24uPFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlJ1biBMb2dzdGFzaCB0byBjcmVhdGUgdGhlIGluZGV4LiBGcm9tIHRoZSBMb2dzdGFzaCBwYWNrYWdlIHJ1biA8Y29kZT5bLlwvYmluXC9sb2dzdGFzaCAtZiBsb2dzdGFzaC5jb25mXTxcL2NvZGU+IHdoZXJlIDxjb2RlPmxvZ3N0YXNoLmNvbmY8XC9jb2RlPiBpcyB0aGUgY29uZmlndXJhdGlvbiBmaWxlIHdlIGNyZWF0ZWQgYWJvdmUuPFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlJ1biBGaWxlYmVhdCB0byBtb25pdG9yIHRoZSBsb2dzIGFuZCBzZW5kIHRvIExvZ3N0YXNoLiBGcm9tIHRoZSBGaWxlYmVhdCBwYWNrYWdlIHJ1biA8Y29kZT5bLlwvZmlsZWJlYXQgLWVdPFwvY29kZT4uXHUwMGEwPFwvc3Bhbj48XC9saT48XC91bD48cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+RmlsZWJlYXQgYW5kIExvZ3N0YXNoIG9ubHkgbmVlZCB0byBydW4gb25jZSB1bmxlc3MgeW91IGFyZSBtb25pdG9yaW5nIGxvZ3MgaW4gcmVhbCB0aW1lLjxcL3NwYW4+PFwvcD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-f34f842 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"f34f842\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-3ac9557 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"3ac9557\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h2 class=\\\"elementor-heading-title elementor-size-large\\\">Querying and Visualizing<\\\/h2>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-aff954b flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"aff954b\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Goals for Analyzing Logs<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjZlZjAxOTIiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+RGVwZW5kaW5nIG9uIHRoZSB1c2UgY2FzZSwgeW91IGNhbiBmb2N1cyBvbiBkaWZmZXJlbnQgdGhpbmdzIHdoZW4gcXVlcnlpbmcgYW5kIHZpc3VhbGl6aW5nIGxvZ3MuIFNvbWUgcXVlc3Rpb25zIGNhbiBiZSBhbnN3ZXJlZCBieSBxdWVyeWluZyBLaWJhbmEsIHdoaWxlIGluIG90aGVyIGNpcmN1bXN0YW5jZXMgc2V0dGluZyB1cCBhIHZpc3VhbGl6YXRpb24gaXMgbW9yZSBoZWxwZnVsLiBTaW5jZSB5b3UgYXJlIGFscmVhZHkgaW50ZXJlc3RlZCBpbiBsb2cgYW5hbHlzaXMgeW91IHByb2JhYmx5IGhhdmUgc29tZSBzcGVjaWZpYyBtZXRyaWNzIGluIG1pbmQsIGJ1dCBzb21lIGNvbW1vbiBhbmFseXNpcyBnb2FscyBpbmNsdWRlOjxcL3NwYW4+PFwvcD48dWw+PGxpIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIiBhcmlhLWxldmVsPVwiMVwiPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5TZWVpbmcgaG93IGxvbmcgZ2FyYmFnZSBjb2xsZWN0aW9uIHRha2VzPFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPktub3dpbmcgaG93IG1hbnkgc2VhcmNoZXMgaGF2ZSBiZWVuIHJ1biBvdmVyIGEgZ2l2ZW4gdGltZSAocGVyIG1pbnV0ZVwvaG91clwvd2Vlayk\\\/PFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPklkZW50aWZ5aW5nIHRoZSBxdWVyaWVzIHRoYXQgdGFrZSB0aGUgbG9uZ2VzdCB0aW1lIHRvIGV4ZWN1dGU8XC9zcGFuPjxcL2xpPjxsaSBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCIgYXJpYS1sZXZlbD1cIjFcIj48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+SWRlbnRpZnlpbmcgbW9zdCBjb21tb24gcXVlcmllcyBpc3N1ZWQgdG8gYSBjb2xsZWN0aW9uPFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlZpc3VhbGl6aW5nIHNwaWtlcyBpbiBxdWVyeSB0cmFmZmljXHUwMGEwPFwvc3Bhbj48XC9saT48bGkgc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiIGFyaWEtbGV2ZWw9XCIxXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlNlZWluZyBob3cgb2Z0ZW4gY29tbWl0cyBhcmUgb2NjdXJyaW5nPFwvc3Bhbj48XC9saT48XC91bD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-133a476 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"133a476\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-ec0e076 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"ec0e076\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Example Queries against Elasticsearch Index<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjA3ODkzZDgiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+UXVlcnlpbmcgYWdhaW5zdCB5b3VyIG5ld2x5IGNyZWF0ZWQgaW5kZXggaXMgc2ltcGxlIHdpdGggS2liYW5hLiBHbyB0byB0aGUgbWVudSBvbiB0aGUgdG9wIGxlZnQgYW5kIHNjcm9sbCBhbGwgdGhlIHdheSBkb3duIHRvIE1hbmFnZW1lbnRcL0RldiBUb29scy4gRnJvbSBoZXJlIHlvdSBjYW4gY3JlYXRlIHF1ZXJpZXMgaW4gdGhlIENvbnNvbGUgYW5kIHRlc3QgeW91ciBHcm9rIHN0YXRlbWVudHMgaW4gdGhlIEdyb2sgRGVidWdnZXIuIEZvciBoZWxwIHVuZGVyc3RhbmRpbmcgdGhlIHNwZWNpZmljIHF1ZXJ5IHN5bnRheCwgaGVyZSBpcyBzb21lIDxcL3NwYW4+PGEgaHJlZj1cImh0dHBzOlwvXC93d3cuZWxhc3RpYy5jb1wvZ3VpZGVcL2VuXC9lbGFzdGljc2VhcmNoXC9yZWZlcmVuY2VcL2N1cnJlbnRcL3F1ZXJ5LWRzbC5odG1sXCI+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPmRvY3VtZW50YXRpb248XC9zcGFuPjxcL2E+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPi48XC9zcGFuPjxcL3A+PHA+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPlRoZXJlIGFyZSBzb21lIHNpbXBsZSBxdWVyaWVzIHRoYXQgeW91IGNhbiB1c2UgdG8gc3RhcnQgb2ZmIHdpdGg6PFwvc3Bhbj48XC9wPjxwPjxlbT5UbyBnZXQgYWxsIHRoZSBpbmRpY2VzIHNvIHlvdSBjYW4gZW5zdXJlIHRoZSBpbmRleCB3YXMgY3JlYXRlZDpcdTAwYTA8XC9lbT48XC9wPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-de6ee2a flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"de6ee2a\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language-sql \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-sql\\\">\\n\\t\\t\\t\\t\\t<xmp>GET _cat\\\/indices<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6Ijc2YjdlZGEiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5cdTAwYTA8XC9wPjxwPjxlbT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+VG8gZ2V0IGFsbCBpbmZvcm1hdGlvbiBmcm9tIG9uZSBpbmRleDpcdTAwYTAgPFwvc3Bhbj48XC9lbT48XC9wPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-7816561 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"7816561\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>GET \\\/<index-name>\\\/_search \\n{\\n  \\\"query\\\": {\\n    \\\"match_all\\\": {}\\n  }\\n}<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjkzMjZhYzUiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5cdTAwYTA8XC9wPjxwPjxlbT5GaW5kaW5nIHRoZSBsb25nZXN0LXJ1bm5pbmcgc2VhcmNoOjxcL2VtPjxcL3A+In0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRleHQtZWRpdG9yIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-c2d2c03 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"c2d2c03\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>GET \\\/<index-name>\\\/_search \\r\\n{\\r\\n  \\\"query\\\": {\\r\\n    \\\"bool\\\": {\\r\\n      \\\"must\\\": [\\r\\n        {\\r\\n          \\\"term\\\": {\\r\\n            \\\"path_s.keyword\\\": {\\r\\n              \\\"value\\\": \\\"\\\/select\\\"\\r\\n            }\\r\\n          }\\r\\n        }\\r\\n      ]\\r\\n    }\\r\\n  },\\r\\n  \\\"aggs\\\": {\\r\\n    \\\"doc_with_max_qTime\\\": {\\r\\n      \\\"top_hits\\\": {\\r\\n        \\\"sort\\\": [\\r\\n          {\\r\\n            \\\"qtime_i\\\": {\\r\\n              \\\"order\\\": \\\"desc\\\"\\r\\n            }\\r\\n          }\\r\\n        ],\\r\\n        \\\"size\\\": 1\\r\\n      }\\r\\n    }\\r\\n  },\\r\\n  \\\"size\\\": 0\\r\\n}<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjlhNWU1NTIiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5cdTAwYTA8XC9wPjxwPjxlbT5GaW5kaW5nIHRoZSBtb3N0IGNvbW1vbiBxdWVyeTo8XC9lbT48XC9wPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-4422572 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"4422572\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>GET \\\/<index-name>\\\/_search \\r\\n{\\r\\n  \\\"aggs\\\": {\\r\\n    \\\"frequent_query\\\": {\\r\\n      \\\"terms\\\": {\\r\\n        \\\"field\\\": \\\"q.keyword\\\"\\r\\n      }\\r\\n    }\\r\\n  },\\r\\n  \\\"size\\\": 0\\r\\n}<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImI4ZmY4YzUiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD5cdTAwYTA8XC9wPjxwPjxlbT48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+RmluZGluZyBwZXJjZW50aWxlcyAoYWdncmVnYXRpbmcgb24gcXVlcnkgdGltZSk6PFwvc3Bhbj48XC9lbT48XC9wPiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJ0ZXh0LWVkaXRvciJ9\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-6ca9ee1 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-code-highlight\\\" data-id=\\\"6ca9ee1\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"code-highlight.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"prismjs-default copy-to-clipboard \\\">\\n\\t\\t\\t<pre data-line=\\\"\\\" class=\\\"highlight-height language- \\\">\\n\\t\\t\\t\\t<code readonly=\\\"true\\\" class=\\\"language-\\\">\\n\\t\\t\\t\\t\\t<xmp>GET \\\/<index-name>\\\/_search \\n{\\n  \\\"aggs\\\": {\\n    \\\"qTime_percentiles\\\": {\\n      \\\"percentiles\\\": {\\n        \\\"field\\\": \\\"qtime_i\\\",\\n        \\\"percents\\\": [\\n          90,\\n          95,\\n          99\\n        ]\\n      }\\n    }\\n  },\\n  \\\"size\\\": 0\\n}<\\\/xmp>\\n\\t\\t\\t\\t<\\\/code>\\n\\t\\t\\t<\\\/pre>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-04fc183 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"04fc183\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-df5deda flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"df5deda\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h3 class=\\\"elementor-heading-title elementor-size-medium\\\">Example Visualizations with Kibana<\\\/h3>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjQ5NTBmZmIiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+T25jZSB5b3UgdW5kZXJzdGFuZCB0aGUgZGF0YSB0aGF0IHlvdSBhcmUgbG9va2luZyBhdCwgeW91IGNhbiBjcmVhdGUgYSBkYXNoYm9hcmQgd2l0aCB2aXN1YWxpemF0aW9ucy4gQ3JlYXRlIGEgdmlzdWFsaXphdGlvbiBieSBuYXZpZ2F0aW5nIHRvIEFuYWx5dGljcyAtJmd0OyBEaXNjb3ZlciBvciBBbmFseXRpY3MmbmJzcDsgLSZndDsgRGFzaGJvYXJkIGlmIHlvdSBhbHJlYWR5IGtub3cgd2hhdCB5b3VcdTIwMTlkIGxpa2UgdG8gbWFrZSB1cCBhIGRhc2hib2FyZC4gPFwvc3Bhbj48XC9wPjxwPjxzcGFuIHN0eWxlPVwiZm9udC13ZWlnaHQ6IDQwMDtcIj5UaGUgYWJpbGl0eSB0byBjcmVhdGUgdmlzdWFsaXphdGlvbnMgd2l0aCBLaWJhbmEgaXMgb25lIG9mIG91ciBmYXZvcml0ZSByZWFzb25zIHRvIGxvb2sgYXQgU29sciBsb2dzIHVzaW5nIEVsYXN0aWMgc3RhY2suIEl0IGlzIGVhc3kgdG8gY3JlYXRlIGRhc2hib2FyZHMgdGhhdCBjb252ZXkgYSBsb3Qgb2YgaW5mb3JtYXRpb24gaW4gYW4gZWFzaWx5IGRpZ2VzdGlibGUgbWFubmVyLiBXaGlsZSBpdCBpcyBwb3NzaWJsZSB0byB1c2UgZ3JlcCBjb21tYW5kcyBpbiBhIGNvbnNvbGUgdG8gc2VlIGNvbW1pdHMgcGVyIGNvbGxlY3Rpb24sIHlvdSBjYW4gc2VlIGluIHRoaXMgZXhhbXBsZSB0aGF0IGEgdmlzdWFsaXphdGlvbiBpcyBhIGxvdCBlYXNpZXIgdG8gdW5kZXJzdGFuZCB0aGFuIHRoZSByZXN1bHRzIHlvdSB3b3VsZCBnZXQgZnJvbSBncmVwLjxcL3NwYW4+PFwvcD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-c506698 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-image\\\" data-id=\\\"c506698\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"image.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t<img width=\\\"1024\\\" height=\\\"642\\\" src=\\\"https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample-1024x642.png\\\" class=\\\"attachment-large size-large wp-image-28412\\\" alt=\\\"\\\" srcset=\\\"https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample-1024x642.png 1024w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample-300x188.png 300w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample-768x482.png 768w, https:\\\/\\\/kmwllc.com\\\/wp-content\\\/uploads\\\/2022\\\/12\\\/KibanaLogExample.png 1159w\\\" sizes=\\\"(max-width: 1024px) 100vw, 1024px\\\" \\\/>\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-c4507d3 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"c4507d3\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-49d5daa flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"49d5daa\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<h1 class=\\\"elementor-heading-title elementor-size-large\\\">Conclusion<\\\/h1>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImY2YWMwMzIiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJlZGl0b3IiOiI8cD48c3BhbiBzdHlsZT1cImZvbnQtd2VpZ2h0OiA0MDA7XCI+V2hpbGUgdGhlcmUgaXMgYSBiaXQgb2YgdXAtZnJvbnQgd29yayByZXF1aXJlZCB3aXRoIHRoaXMgYXBwcm9hY2gsIHRoZSBwYXlvZmYgaXMgaGF2aW5nIGEgZ3JlYXQgd2F5IHRvIGxvb2sgYXQgeW91ciBTb2xyIGxvZ3MgYm90aCBpbiByZWFsIHRpbWUgb3IgYXMgbmVlZGVkLiBMZXQgdXMga25vdyB3aGF0IHR5cGUgb2YgcXVlc3Rpb25zIHlvdSBob3BlIHRvIGFuc3dlciB3aGVuIGxvb2tpbmcgYXQgeW91ciBTb2xyIGxvZ3MsIGFuZCBpZiB5b3UgaGF2ZSBvdGhlciBhcHByb2FjaGVzIHRoYXQgeW91IHByZWZlci48XC9zcGFuPjxcL3A+PHA+PHNwYW4gc3R5bGU9XCJmb250LXdlaWdodDogNDAwO1wiPklmIHlvdVx1MjAxOXJlIGV4cGVyaWVuY2luZyBpc3N1ZXMgd2l0aCB5b3VyIFNvbHIgKG9yIEVsYXN0aWNzZWFyY2gsIG9yIE9wZW5zZWFyY2gpIGNsdXN0ZXIgb3IgbmVlZCBoZWxwIGludGVycHJldGluZyB5b3VyIGxvZ3MsIHBsZWFzZSBjb250YWN0IHVzIVx1MDBhMDxcL3NwYW4+PFwvcD4ifSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGV4dC1lZGl0b3IifQ==\\\"]\\t\\t\\t<\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-192510c elementor-hidden-tablet elementor-hidden-mobile\\\" data-id=\\\"192510c\\\" data-element_type=\\\"column\\\" data-e-type=\\\"column\\\">\\n\\t\\t\\t<div class=\\\"elementor-widget-wrap\\\">\\n\\t\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-column elementor-col-33 elementor-top-column elementor-element elementor-element-1f6e963\\\" data-id=\\\"1f6e963\\\" data-element_type=\\\"column\\\" data-e-type=\\\"column\\\">\\n\\t\\t\\t<div class=\\\"elementor-widget-wrap elementor-element-populated\\\">\\n\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-421c760 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"421c760\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<div class=\\\"title-h6 elementor-heading-title elementor-size-small\\\">Share post<\\\/div>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImQ5NzA3MTkiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJwaW50ZXJlc3QiOiIiLCJ0dW1ibHIiOiIiLCJ0ZWxlZ3JhbSI6IiIsIndoYXRzYXBwIjoiIiwidmliZXIiOiIiLCJ4aW5nIjoiIiwiX19nbG9iYWxzX18iOnsiaWNvbnNfY29sb3IiOiJnbG9iYWxzXC9jb2xvcnM\\\/aWQ9NDI4ZjI3NyJ9fSwiZWxlbWVudHMiOltdLCJ3aWRnZXRUeXBlIjoidGhlZ2VtLXNvY2lhbC1zaGFyaW5nIn0=\\\"]\\t\\t<div class=\\\"elementor-element elementor-element-e841371 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"e841371\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-e2adb0d flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-heading\\\" data-id=\\\"e2adb0d\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"heading.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t<div class=\\\"title-h6 elementor-heading-title elementor-size-small\\\">More From the KMW Blog<\\\/div>\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6IjJjM2M2M2YiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJ0aGVnZW1fZWxlbWVudG9yX3ByZXNldCI6ImNvbXBhY3QtdGlueS0yIiwic291cmNlIjpbInBvc3RzIl0sImV4Y2x1ZGVfYmxvZ19wb3N0cyI6WyIyODA3NSJdLCJzaG93X3NlcGFyYXRvciI6IiIsInNob3dfY29tbWVudHMiOiIiLCJyZWFkbW9yZV9idXR0b25fdGV4dCI6IlJlYWQgTW9yZSIsImxvYWRtb3JlX2J1dHRvbl90ZXh0IjoiTG9hZCBNb3JlIiwiY2FwdGlvbl9jYXRlZ29yaWVzX2luX3RleHQiOiJpbiAiLCJjYXB0aW9uX2F1dGhvcl9ieV90ZXh0IjoiQnkiLCJyZWxhdGVkX2J5IjpbXSwic291cmNlX3R5cGUiOiJjdXN0b20iLCJwYWdpbmF0aW9uX3R5cGUiOiJudW1iZXJzIn0sImVsZW1lbnRzIjpbXSwid2lkZ2V0VHlwZSI6InRoZWdlbS1ibG9nbGlzdCJ9\\\"]\\t\\t\\t<\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t<\\\/div><\\\/div>\\r\\n\\t\\t<\\\/section>\\r\\n\\t\\t\\t\\t<section class=\\\"elementor-section elementor-top-section elementor-element elementor-element-8890d36 elementor-section-boxed elementor-section-height-default elementor-section-height-default\\\" data-id=\\\"8890d36\\\" data-element_type=\\\"section\\\" data-e-type=\\\"section\\\">\\r\\n\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-container elementor-column-gap-no\\\"><div class=\\\"elementor-row\\\">\\r\\n\\t\\t\\t\\t\\t<div class=\\\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-dabf496\\\" data-id=\\\"dabf496\\\" data-element_type=\\\"column\\\" data-e-type=\\\"column\\\">\\n\\t\\t\\t<div class=\\\"elementor-widget-wrap elementor-element-populated\\\">\\n\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-element elementor-element-fb84fb3 flex-horizontal-align-default flex-horizontal-align-tablet-default flex-horizontal-align-mobile-default flex-vertical-align-default flex-vertical-align-tablet-default flex-vertical-align-mobile-default elementor-widget elementor-widget-spacer\\\" data-id=\\\"fb84fb3\\\" data-element_type=\\\"widget\\\" data-e-type=\\\"widget\\\" data-widget_type=\\\"spacer.default\\\">\\n\\t\\t\\t\\t<div class=\\\"elementor-widget-container\\\">\\n\\t\\t\\t\\t\\t\\t\\t<div class=\\\"elementor-spacer\\\">\\n\\t\\t\\t<div class=\\\"elementor-spacer-inner\\\"><\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t\\t<\\\/div>\\n\\t\\t\\t\\t<\\\/div>\\n\\t\\t[elementor-element k=\\\"9109a976d8649ee6d2c8fef8daebbb8b\\\" data=\\\"eyJpZCI6ImFlNjJkZGYiLCJlbFR5cGUiOiJ3aWRnZXQiLCJzZXR0aW5ncyI6eyJwcmV2X2xhYmVsIjoiUHJldmlvdXMgUG9zdCIsIm5leHRfbGFiZWwiOiJOZXh0IFBvc3QiLCJzaG93X2JvcmRlcnMiOiIiLCJ0aXRsZV90eXBvZ3JhcGh5X3R5cG9ncmFwaHkiOiJjdXN0b20iLCJ0aXRsZV90eXBvZ3JhcGh5X2ZvbnRfc2l6ZSI6eyJ1bml0IjoicHgiLCJzaXplIjoxNCwic2l6ZXMiOltdfSwidGl0bGVfdHlwb2dyYXBoeV9mb250X3dlaWdodCI6IjcwMCIsIl9fZ2xvYmFsc19fIjp7ImFycm93X2NvbG9yIjoiZ2xvYmFsc1wvY29sb3JzP2lkPXByaW1hcnkiLCJsYWJlbF9jb2xvciI6Imdsb2JhbHNcL2NvbG9ycz9pZD1zZWNvbmRhcnkifSwiYXJyb3ciOiJmYSBmYS1jYXJldC1sZWZ0Iiwic2hvd19hcnJvdyI6IiJ9LCJlbGVtZW50cyI6W10sIndpZGdldFR5cGUiOiJnbG9iYWwiLCJ0ZW1wbGF0ZUlEIjoyODA4M30=\\\"]\\t\\t\\t<\\\/div>\\n\\t\\t<\\\/div>\\n\\t\\t\\t\\t\\t<\\\/div><\\\/div>\\r\\n\\t\\t<\\\/section>\\r\\n\\t\\t\",\"scripts\":[],\"styles\":[]}}"]},"jetpack_featured_media_url":"https:\/\/kmwllc.com\/wp-content\/uploads\/2022\/12\/blog_LogAnalysisElk_min.png","menu_order":0,"_links":{"self":[{"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/posts\/28075","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/comments?post=28075"}],"version-history":[{"count":10,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/posts\/28075\/revisions"}],"predecessor-version":[{"id":30202,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/posts\/28075\/revisions\/30202"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/media\/29692"}],"wp:attachment":[{"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/media?parent=28075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/categories?post=28075"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kmwllc.com\/index.php\/wp-json\/wp\/v2\/tags?post=28075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}