[ELK Series] OOTB Connection between ELK and TIBCO TEA

If you have been followed these post series as a result of the last post we launch our ELK stack using docker, so we have all our components up and running to start integrating both of these worlds. And we are going to start with the log files from the TIBCO Enterprise Administrator, TIBCO TEA.

So, to do this integration we need to send the data inside the TEA log files to our Logstash instance. The Logstash is listening connections at the 5000 TCP port, so we need to send the data to that location. To do that, we are going to use one common tool from the UNIX world, netcat.

The netcat tool (command nc) is a simple tool for unix that allows to establish TCP connections to the IP and port that you want and send the data that you want. The parameters of the command are the following:

nc <host> <port>

After that command we established the connection and anything we type in the console is sent to that location. But in our case we don’t want to send any typed data but the contents of our log. So we are going to use the pipe to do the trick:

tail -f tea.log | nc 192.168.3.129 5000

This is a concrete example where the logstash is listening at the IP: 192.168.3.129 and we are running the command inside the log folder of the TEA installation (in my case, that location is: /home/user/tibco/tibco/cfgmgmt/tea/logs but yours could be another one depeding on the details of your installation)

After that we could go to our Kibana instance. If you remembered from the other posts, Kibana is the GUI of this stack is the one who is going to give a visual of all the data we sent.  The first thing we have to do when we start Kibana is to create a index for the logstash. We are going to be in the index page by default and we only have to use the pattern that it suggest to us (logstash-*) and that’s all.

After that, we are going to see like a bar graph with the information we receive from the TIBCO TEA as you can see here:

Kibana

That’s not to useful yet because of the following things:

  • We only have the logs traces that belongs to the TEA, so we are not going to receive any log from the BW Agent.
  • We are using the logstash default schema, so all the “important” information related to our TIBCO BW/TEA installation is inside the “message” field.

But this is a journey and we did a step forward. In following posts we are going to continue our path to finish this journey in a successful way for all of us!

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s