Open EvgenyIl opened 5 years ago
Would recommend using EventFlow here to get your ETW events to your Elastic setup. We have a sample that shows how to do this - either as a Windows app you can deploy to your servers, or via an SF service that runs in your cluster alongside your workloads. The former approach is recommended, though it will require some additional setup with a script to deploy on each machine. This is so that you continue to get data even if SF is impacted and goes down for some reason.
Here's the link to the sample: https://github.com/dkkapur/service-fabric-monitoring-eventflow. Here's the sample EventFlow Config from this repo that shows sending ETW -> ELK: https://github.com/dkkapur/service-fabric-monitoring-eventflow/blob/master/service-fabric-service/ClusterMonitoringService/PackageRoot/Config/eventFlowConfig.json
Hi folks! Which non-cloud tool can I use to monitor SF and collect platform-level events, in particular Reverse Proxy events? Elastic does not support forwarding events from ETW providers (https://github.com/elastic/beats/issues/2073). I can use a data collector set to collect events in an etl file on each node in the cluster, but it is very uncomfortable.