Reference: Threat Hunting: Log Monitoring Lab Setup with ELK

  1. Elasticsearch: a RESTful search engine that stores and indexes all of the collected data.
  2. Logstash: the data-processing component that receives incoming data, processes it, and forwards it to Elasticsearch.
  3. Kibana: the web interface for searching and visualizing the logs.
  4. Filebeat: a lightweight, single-purpose data shipper that can send log data from thousands of machines to either Logstash or Elasticsearch.
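As an added example that is not part of the original lab write-up, a minimal Logstash pipeline that ties these components together: it accepts events shipped by Filebeat, parses Linux auth log lines, and indexes them in Elasticsearch for searching in Kibana. The file path, Beats port, Elasticsearch address, index name and the `auth` tag are assumptions for a single-host lab.

```logstash
# /etc/logstash/conf.d/lab.conf (assumed path for a single-host lab)
input {
  # Filebeat ships to the Beats input; 5044 is the conventional default port
  beats {
    port => 5044
  }
}

filter {
  # Only parse lines that Filebeat tagged as coming from the auth log
  if "auth" in [tags] {
    grok {
      match => {
        "message" => "%{SYSLOGTIMESTAMP:ts} %{SYSLOGHOST:host_name} %{DATA:program}(?:\[%{POSINT:pid}\])?: %{GREEDYDATA:msg}"
      }
    }
    # Use the timestamp from the log line itself rather than the ingest time
    date {
      match => [ "ts", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
      target => "@timestamp"
    }
    # Hunting-oriented enrichment: tag failed SSH logins so they are easy to find in Kibana
    if [program] == "sshd" and [msg] =~ /Failed password/ {
      mutate { add_tag => [ "ssh_auth_failure" ] }
    }
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]   # assumed single-node lab address
    index => "lab-logs-%{+YYYY.MM.dd}"   # one index per day, selectable in Kibana
  }
}
```

Pair it with a Filebeat input that reads `/var/log/auth.log` with `tags: ["auth"]` and an `output.logstash` section pointing at `localhost:5044`; the `ssh_auth_failure` tag then becomes a one-click filter in Kibana Discover.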