security talk & philosophizing



Category: Network

  • ELK ILM


    ELK uses a watermark: when disk space reaches X% (90% I believe), it stops performing and shuts down services. For this reason it’s important to have a good sense of data maintenance. How long do you need your data? 5 days? 7 days? 30 days? How much disk space do you have available to you?…


  • QA Lab Monitoring with ELK


    ELK: I got into the ELK (Elasticsearch, Logstash, Kibana) stack when I started working with an IDS called Suricata. I needed a front end to discern the data events happening on the network and ELK was a natural fit for Suricata. ELK provides a way of shipping and analyzing data from various sources. Data events…


  • Monitor Third Party Front-End Libraries


    It’s always useful to keep track of what JS or CSS libraries are being pulled into the Front-End by hosted 3rd parties. Examples could be CDNs. While there are services that charge for this monitoring, this can be accomplished with an Open Source stack. The Goal: A web server’s access logs will make mention of…


  • ELK Dashboards for Load Balancers


    Whether you’re using NGINX, HAProxy or something else, ELK can be a useful tool in creating a dashboard for the log events of your load balancers. While this post is specifically covering load balancers, ELK can be configured for a variety of applications. As long as there are decent data events in the logs, ELK…


  • Filebeat Custom Field Processing for ELK


    I had a recent project at work, where I needed to parse a load balancer log. The interesting part of the project was to capture data that was being added to the log. This short post will cover what I did to capture the data and render it in Kibana / ELK. If you have…
