Tag Archives: ELK

ELK tutorial: part 3

Installing and configuring Logstash-Forwarder On the central server, create a folder called ‘/etc/pki/tls/certs’ and ‘/etc/pki/tls/private’: ubuntu@elk: sudo mkdir -p /etc/pki/tls/certs ubuntu@elk: sudo mkdir /etc/pki/tls/private Because logstash-forwarder is using an SSL connection to the ELK server, we will need to create a certificate. To do so, add the following to your ‘/etc/ssl/openssl.cfg’ file (most likely the v3_ca tag is… Read More »

ELK tutorial: part 2

Introduction In part 1, we installed the ELK stack. This part will focus on the configuration of it. We’ll keep it rather simple for now. We will process a local Apache access log file and visualize it using Kibana. Let’s get started! Configuring Logstash Logstash needs a configuration file. input { stdin { } } filter { grok… Read More »

ELK tutorial: part 1

Introduction I have recently been playing around with Elasticsearch, Logstash and Kibana, often referred to as the ELK stack. Installing ELK Installing ELK is rather simple. To do so, go to the Elastic website (here) and download each package. As I’m running on Ubuntu (fresh install on Openstack), I’m downloading the equivalent packages for each service: ubuntu@elk:~$… Read More »