Geo-identification of web users through logs using ELK stack

Abstract

With the Internet penetration rate going higher, huge amount of log files are being generated, which contains hidden information having enormous business value. To unlock the hidden returns, log management system helps in making business decisions. Although, a lot of log management exist but they either fail to scale or are costly. Here efforts have been made to solve the shortcomings of prevailing log analyzer tools and this paper demonstrates the working of ELK ecosystem i.e. Elasticsearch, Logstash and Kibana clubbed together to efficiently analyze the log files and provide an interactive and easily understandable insights. Log management systems built on ELK stack are desired to analyze large log data sets while making the whole computation process easy to monitor through an interactive interface. Being from open source community ELK stack has many useful features for log analysis. Elasticsearch is used as Indexing, storage and retrieval engine. Logstash acts as a Log input slicer and dicer and output writer while Kibana performs Data visualization using dashboards. By implementing ELK ecosystem we have efficiently geo-identify the website users traffic using logs.