Get in Touch

Course Outline

Introduction

  • Comprehensive overview of the Elastic Stack (ELK)

Module 1: ELK Stack Architecture and Review of Existing Environment

  • Assessment of Altor CB's current architecture
  • ELK architecture deep-dive: Elasticsearch, Logstash, Kibana, Beats
  • Distinguishing between Ingest nodes and Logstash
  • Scalability and performance optimization for on-premise deployments
  • Administration best practices

Module 2: Beats – Distributed Monitoring (2 hours)

  • Configuration and utilization of Filebeat, Auditbeat, Winlogbeat, and Packetbeat
  • Securing data transmission via SSL
  • Evaluating preconfigured modules versus custom inputs
  • Integration strategies with Logstash and Ingest Pipelines

Module 3: Parsing and Ingesting Logs from Applications and Databases (4 hours)

  • Acquiring custom logs from applications
  • Employing Logstash for data parsing and transformation
  • Utilizing filters: grok, dissect, kv, mutate, date
  • Establishing database connections (Oracle, PostgreSQL, SQL Server) via JDBC input plugin
  • Practical scenarios: handling error logs, audit trails, traces, and slow queries

Module 4: Advanced Search and Regular Expressions (2 hours)

  • Mastering advanced search syntax in Kibana
  • Applying regular expressions (regex)
  • Constructing filters with OR/AND logic
  • Navigating nested fields and arrays
  • Storing and reusing queries and filters

Module 5: Custom Dashboards and Visualizations in Kibana (3 hours)

  • Exploring visualization types: bar charts, line graphs, maps, tables
  • Understanding aggregations and metrics
  • Implementing dynamic filters, controls, and drill-down functionalities
  • Sharing dashboards across teams
  • Practical exercises: building dashboards from database and system logs

Module 6: Alerts and Email Notifications (3 hours)

  • Overview of Watcher and alternative tools (ElastAlert, Kibana Alerts)
  • Designing custom conditions and triggers
  • Configuring email output settings
  • Exercise: triggering alerts for critical events detected in Windows or database logs

Module 7: User and Permission Management (2 hours)

  • Introduction to X-Pack and its free-tier options
  • Creating distinct users and roles
  • Enforcing access control based on index, dashboard, and query parameters
  • Exercise: defining roles for audit and operational teams

Module 8: Elasticsearch REST API (3 hours)

  • Understanding the fundamentals of Elasticsearch RESTful API
  • Executing GET and POST queries
  • Performing manual and automated indexing operations
  • Utilizing tools such as curl and Postman
  • Exercises: searching, inserting, deleting, and updating documents

Summary and Next Steps

Requirements

  • A foundational understanding of ELK Stack architecture and its core components
  • Practical experience in ingesting and visualizing logs using Kibana and Logstash
  • Competency with the Linux command line and basic scripting skills

Audience

  • System administrators
  • Infrastructure engineers
  • Technical teams looking to implement advanced log centralization capabilities
 21 Hours

Number of participants


Price per participant

Open Training Courses require 5+ participants.

Testimonials (2)

The content is very helpful, and the trainer makes it more easier to understand

Ibrahim Al mayahi - Vastech SA
Course - Advanced Elasticsearch and Kibana Administration

the profesionalism of the trainer; the way he tried to respond to all the questions; the review questions we had to ask: engaging us in conversations

Ioana
Course - Implementation and Administration of Elasticsearch

Upcoming Courses

Advanced ELK Stack for Log Management and Centralization

2026-07-15 09:30
21 hours
Bayan Lepas, iDEAL
21661 MYR (Online)
22396 MYR (Classroom)

Advanced ELK Stack for Log Management and Centralization

2026-07-29 09:30
21 hours
Kuala Lumpur KL Sentral
21661 MYR (Online)
22636 MYR (Classroom)

Advanced ELK Stack for Log Management and Centralization

2026-08-12 09:30
21 hours
Bayan Lepas, iDEAL
21661 MYR (Online)
22396 MYR (Classroom)

Advanced ELK Stack for Log Management and Centralization

2026-08-26 09:30
21 hours
Kuala Lumpur KL Sentral
21661 MYR (Online)
22636 MYR (Classroom)

Related Courses

Advanced Elasticsearch and Kibana Administration

 35 Hours

This instructor-led, live training in Malaysia (online or onsite) is designed for intermediate-level administrators and developers who wish to deepen their understanding of Elasticsearch administration, including advanced techniques for dashboard development in Kibana, as well as maintenance of the system.

By the end of this training, participants will be able to:

  • Set up and configure Elasticsearch and Kibana environments for advanced administration and dashboard development.
  • Create and manage Elasticsearch indices, mappings, and data models.
  • Develop advanced queries and filters to extract valuable insights from Elasticsearch data.
  • Design and build interactive dashboards in Kibana using various visualization types and techniques.
  • Implement best practices for Elasticsearch and Kibana administration, optimization, and troubleshooting.
Read more...

Implementation and Administration of Elasticsearch

 21 Hours

This instructor-led, live training in Malaysia (online or onsite) is aimed at beginner-level IT professionals and developers who wish to use Elasticsearch to store, search, and analyze data in real time.

By the end of this training, participants will be able to: install and configure Elasticsearch, index and query data, optimize search performance, and integrate Elasticsearch into applications.

Read more...

Elasticsearch Advanced Administration, Monitoring and Maintenance

 14 Hours

This instructor-led live training in Malaysia (online or onsite) targets advanced professionals who wish to effectively administer, monitor, and maintain Elasticsearch clusters for high performance and availability.

By the end of this training, participants will be able to:

  • Deploy and configure Elasticsearch clusters for high availability and performance.
  • Monitor and optimize Elasticsearch operations.
  • Integrate with Kibana and Logstash for advanced analytics and visualization.
  • Extend Elasticsearch functionality with plugins.
  • Scale Elasticsearch using clustering and sharding techniques.
Read more...

Elasticsearch for Developers

 14 Hours

This instructor-led, live training in Malaysia is aimed at software developers who wish to build search and analytics solutions using Elasticsearch.

The training starts with a discussion of the Elasticsearch architecture, including its distributed model and search API. This is followed by an explanation of Elasticsearch's functionality and how to best integrate it into an existing application.

Hands-on exercises make up an important part of the training, and give participants a chance to put into practice their knowledge while receiving feedback on their implementation and progress.

Read more...

ELK: Elasticsearch, Logstash and Kibana for Administrators

 14 Hours

This instructor-led, live training in Malaysia is aimed at system administrators who wish to set up an ELK stack (Elasticsearch, Logstash, Kibana). Please note that a minimum of 3 delegates is required for this course to proceed.

The training begins with a discussion of ELK architecture and functionality, then transitions to live lab implementation and practice. Hands-on exercises constitute a vital component of the training, providing participants with the opportunity to apply their knowledge while receiving feedback on their progress.

Read more...

Related Categories

Elasticsearch
Elasticsearch
Kibana
Kibana
Logstash
Logstash