The monitoring architecture collects logs and metrics from other nodes and provides dashboards for visualization. It is fairly modular since the core network produces log files which can then be consumed by any logging and analytics pipelines that support tailing log files.

Currently, we provide deployment scripts for Filebeat + the ELK stack as the default pipeline.

Security considerations

Elasticsearch and Logstash ports must be protected from public access, otherwise malicious actors can introduce garbage logs into the pipelines.

The Kibana port also needs to be protected from public access, however, a permissioned access model might be a better fit here to selectively allow people to access logs and create visualizations. An example would be to use Nginx + TLS + HTTP Basic Auth.