I need a system with a web interface that would display the logs from different systems. The logs would be grouped together by a common identifier shared by all systems. It must be possible to search events by time; as a result we would like to see a list of identifiers, and on clicking one we could see the pieces of logs from all systems with this ID in one place. View example (first event with ID):

    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b

When I click on ID 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b, it should expand a spoiler (or open in a new tab/window) with all logs from the systems, such as:

System 1:

    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b Bla bla
    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b Bla bla2

System 2:

    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b
    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b Bla bla2

System 3:

    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b Custom string log
    20.07.2015 10:10:10 644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b {json query log}

I think that ELK can do it, but I don't know how.

Shampoo

1 Answer

There is a way to achieve similar behavior in Kibana (ELK). You need to go through a couple of simple steps:

  1. Define a visualization of the list of IDs
  2. Define a visualization of a list of logs
  3. Put both visualizations on a dashboard.

Now, once you click an identifier it will filter all events by that specific identifier.

You can install ELK on your own or use a SaaS like Logz.io (the company which I work for).

Tomer Levy
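Added example (not from the question or the answer): clicking an ID in Kibana filters on a field, so each log line has to be split into timestamp, identifier and message before it is indexed. This Python code does that split for the question's line layout and reproduces the two views (IDs seen in a time range, then all events for one ID per system); the function names, the second ID and the line without an ID are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Line layout from the question: "DD.MM.YYYY HH:MM:SS <id> [message]".
LINE_RE = re.compile(r"^(?P<ts>\d{2}\.\d{2}\.\d{4} \d{2}:\d{2}:\d{2}) "
                     r"(?P<cid>[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})"
                     r"(?: (?P<msg>.*))?$", re.I)

CID = "644e1dd7-2a7f-18fb-b8ed-ed78c3f92c2b"  # identifier from the question
# Constructed sample input, modelled on the question's three systems.
SAMPLE = {
    "System 1": [f"20.07.2015 10:10:10 {CID} Bla bla",
                 f"20.07.2015 10:10:10 {CID} Bla bla2"],
    "System 2": [f"20.07.2015 10:10:10 {CID}",  # entry with no message
                 "20.07.2015 11:30:00 0a1b2c3d-0000-4000-8000-000000000001 other"],
    "System 3": [f"20.07.2015 10:10:10 {CID} Custom string log",
                 f'20.07.2015 10:10:11 {CID} {{"query": "example"}}',
                 "continuation line without an ID"],
}

def parse_line(system, line):
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # caller decides what to do with unparseable lines
    ts = datetime.strptime(m["ts"], "%d.%m.%Y %H:%M:%S")
    return {"system": system, "timestamp": ts,
            "correlation_id": m["cid"].lower(), "message": m["msg"] or ""}

def build_index(logs):
    """Group parsed events by ID; keep rejected lines instead of dropping them."""
    index, rejected = defaultdict(list), []
    for system, lines in logs.items():
        for line in lines:
            ev = parse_line(system, line)
            if ev is None:
                rejected.append((system, line))
            else:
                index[ev["correlation_id"]].append(ev)
    for events in index.values():
        events.sort(key=lambda e: e["timestamp"])
    return index, rejected

def ids_in_range(index, start, end):
    """First view: (first-seen time, ID) for IDs with an event in [start, end]."""
    return sorted((evs[0]["timestamp"], cid) for cid, evs in index.items()
                  if any(start <= e["timestamp"] <= end for e in evs))

def events_for_id(index, cid):
    """Second view: messages for one ID, grouped by source system."""
    by_system = defaultdict(list)
    for e in index.get(cid.lower(), []):
        by_system[e["system"]].append(e["message"])
    return dict(by_system)
```

Lines that carry no identifier, such as multi-line stack traces, end up in `rejected`; in a real pipeline they need either a multiline rule or a tag so they stay searchable.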