Skip to content
forked from nightah/logstash

A starter repo for logstash config files for lancache / monolithic

Notifications You must be signed in to change notification settings

Mattz0r/logstash

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 

Repository files navigation

Monocache Logstash Config

This config is used to interpret monocache and squid logs in elastic search. It defines a filebeat endpoint through logstash and the groks required to separate out key game infomation for some of the CDNs. Also included is an export of our dashboards and visualisations to display results.

Installation

To install you will need to add the config to your logstash folder. The everything.json file can be imported through your kibabna instance by navigating to Management > Saved Objects and selecting import. You should note that the import will require your elastic to contain logs in order to match fields to an existing index.

Set your elastic search hosts

In the output section of the logstash.conf file you will need to change the hosts array to match the names of your elastic search hosts:

hosts    => [ 'es01','es02','es03' ]

Reference

These configs are provided to help give you a start for your elastic instance. We will be happy to help if we can but we do not intend to provide full support on your elk stack. We originally created ours following advice from ilumos at zeroping heros.

About

A starter repo for logstash config files for lancache / monolithic

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published