Nexeed
    • Introduction
    • Getting started
      • Getting access
      • Login
      • Main screen
      • Welcome dashboard
      • Detecting process anomalies
      • Analyzing data and detecting event sequences
      • Analyzing KPIs
    • How-tos
      • Monitors on production lines
        • Configuring the automatic login in the Nexeed Industrial Application System
        • Configuring the automatic login to the identity provider with the Windows user
        • Setting cookies in the browser
        • Configuring the automatic logout in the Nexeed Industrial Application System
        • Configuring the command line parameters in the browser
        • Known limitations and troubleshooting
      • Try out the APIs
    • Integration guide
      • Underlying concepts
        • Underlying concepts
        • Onboarding
        • Security
        • Communication
      • Integration journey
      • Overview of APIs
    • Operations manual
      • Release
      • System architecture and interfaces
      • System requirements
        • Cluster requirements
        • Database requirements
        • Support for service meshes
      • Migration from previous Nexeed IAS versions
      • Setup and configuration
        • Deployment process
        • Deployment with Helm
        • Advanced configuration
        • Integrations with external secret management solutions
        • Context paths
        • Service accounts and authorizations
        • Validation tests
        • Setup click once
        • Database user setup and configuration
      • Start and shutdown
      • Regular operations
        • User management & authentication
        • How to add additional tenants
        • How to access the cluster and pods
        • Automatic module role assignments in customer tenants
        • User credentials rotation - database and messaging secrets
      • Failure handling
        • Failure handling guidelines
        • Ansible operator troubleshooting
        • How to reach BCI for unresolved issues
      • Backup and restore
      • Logging and monitoring
        • The concept and conventions
        • ELK stack
        • ELK configurations aspects for beats
        • Proxy setup for ELK
        • Health endpoints configurations
      • Known limitations
      • Supporting functions
      • Security recommendations
        • Kubernetes
        • Security Best Practices for Databases
        • Certificates
        • Threat detection tools
    • Infrastructure manual
      • Release
      • System architecture and interfaces
        • RabbitMQ version support
      • System requirements
      • Migration from previous Nexeed infrastructure versions
      • Setup and configuration
        • Deployment process of the Nexeed infrastructure Helm chart
        • Deployment with Helm
      • Start and shutdown
      • Regular operations
        • RabbitMQ
          • User management & authentication
          • Disk size change
          • Upgrade performance with high performant disk type
          • Pod management policy
      • Failure handling
        • Connection failures
        • Data safety on the RabbitMQ side
        • Fix RabbitMQ cluster partitions
        • Delete unsynchronized RabbitMQ queues
        • How to reach BCI for unresolved issues
      • Backup and restore
      • Logging and monitoring
      • Known limitations
    • Glossary
    • Further information and contact
Industrial Application System
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator

Nexeed Learning Portal
  • Industrial Application System
  • Operations manual
  • Logging and monitoring
  • ELK stack
preview 2025.03.00

ELK stack

One solution that can collect and centralize logs, traces, and metrics from all the modules deployed in one Nexeed IAS is the ELK Stack (https://www.elastic.co/what-is/elk-stack).

The ELK Stack is a collection of three open source projects: Elasticsearch, Logstash, and Kibana, all developed, managed and maintained by Elastic.

  • Elasticsearch - is an open source, full-text search and analysis engine based on Apache Lucene search engine.

  • Logstash - is a log aggregator that collects data from various input sources, execute different transformations and enhancements and than ship the data to various supported output destinations (in our case Elasticsearch).

  • Kibana - is a visualization layer that works on top of Elasticsearch, providing users with the ability to analyze and visualize the data.

  • Beats - last but not least beats are lightweight agents that are installed on hosts to collect logs, traces and metrics and for forwarding it into the stack.

General considerations

To collect logs and metrics from all Nexeed modules, Elastic beats have to be deployed on each node of the kubernetes cluster. The following beats will be deployed as daemonsets:

  • filebeat

  • metricbeat

Deploying these beats as containers inside kubernetes imply some additional configuration items to be aware of. The full details are in the documentation “run filebeat / metricbeat inside kubernetes” but in short:

  • you need to mount both the host machine’s proc filesystem and the cgroup filesystem inside of the container for metricbeat

  • for filebeat you will need to mount /var/lib/docker/containers and /var/log inside container

ELK Cluster can be self hosted on premise or can be used in cloud as a service from Elastic. Of course the main advantage of using it as a service is that the operational aspects of the infrastructure will be managed by Elastic and you will only need to configure and deploy the beats that will collect and send data.

A helm chart for monitoring with the ELK stack is available and can be used. It supports logging to elastic cloud service and deploy metricbeat, filebeat and heartbeat inside the cluster. To gather additional information from kubernetes API we also deploy kube-state-metrics. Heartbeat is used to monitor periodically a configured list of endpoints and based on this information we can trigger alerts when these endpoints are down. For metricbeat the chart also creates a deployment (running alongside metricbeat daemonset) which will gather some metrics for MSSQL, RabbitMQ and query the state of kubernetes cluster (like events and resource status). To properly configure this chart you will need to set the following global variables during deployment:

Name Description

enabled

Set to true to enable this chart

nexeedMonitoringElasticCloudId

The elastic cloud ID.

nexeedMonitoringElasticCloudAuth

The elastic cloud Auth (username and password separated by colon)

nexeedMonitoringOutputTarget

It configures the output used for the chart and can be elastic cloud. The value for this variable should be set to: elastic for monitoring with elastic cloud service.

nexeedDeploymentTarget

The value of this variable is added on each document ingested to elastic in customer.id field in the format: nexeedDeploymentTarget@nexeedHost

As a local variable you should supply the value for deviceportalGlobalHealthCheckPassword which is the password for device portal open search module health check (for user health_check).

This monitoring chart is delivered as is and is not covered by support policy of Nexeed application.

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses