Essential ELK Stack Tools to Boost Your DevOps Efficiency

1. Introduction

As the saying goes, a craftsman needs good tools; learning and practicing the ELK Stack is no exception, so I share the efficient tools I use at work, hoping to improve development and operations efficiency.

2. Tool Overview

2.1 Basic Tools

Head Plugin

Provides ES cluster status view, index data view, and Elasticsearch DSL implementation for CRUD operations; also useful for JSON formatting.

Address: http://mobz.github.io/elasticsearch-head/

Kibana

Beyond data visualization, Kibana’s Dev Tools support RESTful API CRUD, making it more convenient than Postman or curl.

Address: https://www.elastic.co/products/kibana

ElasticHD

Strong feature – supports SQL‑to‑DSL conversion, useful as a reference.

Address: https://github.com/360EntSecGroup-Skylar/ElasticHD

2.2 Cluster Monitoring Tools

Cerebro

Address: https://github.com/lmenezes/cerebro

Elasticsearch‑HQ

Web UI for managing Elasticsearch clusters and performing queries.

Address: https://github.com/royrusso/elasticsearch-HQ

2.3 Cluster Migration Tools

Elasticsearch‑migration

Supports data migration across versions using scroll + bulk.

Address: https://github.com/medcl/elasticsearch-migration

Elasticsearch‑Exporter

Simple script to export Elasticsearch data to other destinations.

Address: https://github.com/mallocator/Elasticsearch-Exporter

Elasticsearch‑dump

Tool for moving and backing up indices.

Address: https://github.com/taskrabbit/elasticsearch-dump

2.4 Cluster Data Processing Tools

elasticsearch‑curator

Official tool to retain only recent data (e.g., keep the last seven days).

Address: https://pypi.python.org/pypi/elasticsearch-curator

Note: Elasticsearch 6.3 introduces Index Lifecycle Management for easier index retention policies.

2.5 Security Tools

x‑pack

Address: https://www.elastic.co/downloads/x-pack

Search Guard

Security plugin providing authentication, authorization, audit logging, and document/field‑level security; integrates with LDAP/Kerberos, Kibana, and Logstash.

Address: https://github.com/floragunncom/search-guard

2.6 Visualization Tools

Grafana

Compared with Kibana: Kibana suits simple, single‑source data; Grafana handles many data sources and complex business lines, reducing workload.

Address: https://grafana.com/grafana

2.7 Automation Ops Tools

Ansible

Address: https://github.com/elastic/ansible-elasticsearch

Puppet

Address: https://github.com/elastic/puppet-elasticsearch

Cookbook

Address: https://github.com/elastic/cookbook-elasticsearch

2.8 SQL‑like Query Tools

Elasticsearch‑sql

SQL‑style query tool by the NLP‑china team.

Address: https://github.com/NLPchina/elasticsearch-sql

Note: Elasticsearch 6.3+ will integrate SQL natively.

2.9 Enhancement Tools

Conveyor

Kibana plugin for graphical data import.

Address: http://t.cn/REOhwGT

kibana_markdown_doc_view

Kibana plugin that displays documentation in markdown format.

Address: http://t.cn/REOhKgB

indices_view

Newegg’s open‑source Kibana app for quickly viewing Elasticsearch index information.

Address: https://gitee.com/newegg/indices_view

Dremio

Supports SQL‑to‑DSL conversion, visual processing of multiple formats (Elasticsearch, MySQL, Oracle, Mongo, CSV), and multi‑table joins in Elasticsearch.

Address: https://www.dremio.com/

2.10 Alerting Tools

ElastAlert

Open‑source alert framework by Yelp, similar to Elastic’s Watcher.

Address: http://elastalert.readthedocs.org/

Example: Sends email alerts when logs contain significant events.

Sentinl

Extends Siren Investigate and Kibana with alert and reporting capabilities, programmable validators, configurable actions, and PNG/PDF snapshots.

Address: https://github.com/sirensolutions/sentinl

3. Conclusion

Just as Lu Xun’s “Kong Yiji” wonders about the different ways to write the character for fennel, the right tool for your needs is the best choice.