Highest Voted 'elk' Questions - Server Fault Stack Exchange

0

votes

1 answer

Parsing or Reformatting Logs before feeding them to Splunk or Elastic Search

I have very complex log messages, that I want to reduce to the most important fields in order to save quota. The log messages are multiline and there is a lot of redundant information in them. A solution is to script something to reformat these logs…

asked May 16 '19 at 15:30

gspoosi

131
4

0

votes

1 answer

rsyslog 8.24 and multiple omfwd

I want to forward *.* to remote host via TCP/IP. Also, I have local0 facility where messages are plain JSON messages and they has to be forwarded to same host, but other port (and uses same certificate for gTLS). I've made a config: # provides UDP…

rsyslog elk

asked Mar 26 '19 at 23:11

uosiu

1
1
1

0

votes

1 answer

logstash charset error (gelf)

I had some trouble with Logstash and Nginx (all running on Docker). On my docker-compose file i was trying to enable logging from Nginx container to Logstash: nginx: container_name: nginx image: nginx:latest volumes: -…

logging logstash docker-compose elk

asked Mar 06 '19 at 16:00

Vlad Bubnov

1
3

0

votes

1 answer

Import Elasticsearch 2.X data to 6.X?

I've got some data/logs from Elasticsearch 2.4 & I've got a new Elasticsearch 6.X running. What's the best/correct way to import data from 2.X to 6.x? Thanks!

elasticsearch elk

asked Apr 21 '18 at 09:45

GTXBxaKgCANmT9D9

415
1
7
16

0

votes

1 answer

Info sent from Logstash via elastic output not showing in Kibana, but file output works fine - what am I doing wrong?

I have an "ELK stack" configuration and, at first, was doing the standard 'filebeat' syslog feeding from logstash with the elasticsearch output plugin. It worked just fine. Now I have added a TCP input port (with assigned "type" for this data so as…

elasticsearch logstash kibana elk

asked Nov 07 '17 at 20:33

Brendan

73
1
8

0

votes

1 answer

Logstash creating many tcp connections for single hosts

Logstash: 5.3.0 nxlog: nxlog-ce-2.9.1716 Checking nestat I have like 300 established connections even though I have only about 50 hosts. I have like 40 connections for some hosts when I the client's side there is only one active connection. I added…

elasticsearch logstash elk nxlog

asked Jul 07 '17 at 15:12

red888

4,183
18
64
111

0

votes

2 answers

Troubleshooting rsyslog integration with ELK stack

I'm trying to configure rsyslog to send logs to logstash on CentOS. So I was following the tutorial. However, after setting up, nothing happens. Everything started ok, not error occurred but no logs in elasticsearch. Here is my…

rsyslog elasticsearch logstash kibana elk

asked Jun 08 '17 at 06:59

Sergii Bishyr

101
4

0

votes

1 answer

HAProxy in front of logstash broken pipe

I'm setting up ELK stacks with loadbalancing. Haproxy works fine for ES and Kibana but I'm having issues with Logstash. Here's the haproxy configuration: frontend logstash bind 0.0.0.0:5000 mode tcp option tcpka option tcplog log…

haproxy logstash elk

asked May 31 '17 at 15:47

Gab

183
1
8

0

votes

1 answer

Graylog stream getting events, but is empty

I've started sending Palo Alto logs to Graylog, and a stream rule picks them out by matching "Palo Alto" in a "tags" field (which is how all my stream rules are; a front-end Logstash instance does the tagging before shipping to Graylog). I know the…

logging elk graylog

asked Mar 24 '17 at 19:09

armani

420
1
9
26

0

votes

1 answer

Can I setup logstash with windows generated certs instead of openssl?

Going through this tutorial. They use openssl to generate certs to use with logstash ie this command: sudo openssl req -subj '/CN=ELK_server_fqdn/' -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout private/logstash-forwarder.key -out…

elasticsearch logstash ad-certificate-services pki elk

asked Jun 07 '16 at 20:46

red888

4,183
18
64
111

0

votes

2 answers

ELK stack on AWS and web app on Digital Ocean, how and can I grab logs from the later?

I have a python website hosted on digital ocean and ELK stack - Elastic Search, Kibana, Logstash - on AWS. I'm trying to understand how to feed the logs files from my python web app on digital ocean to the ELK stack on AWS: Is it possible to feed…

ubuntu amazon-web-services elasticsearch elk

asked Jun 05 '16 at 06:58

Dett

53
1
4

0

votes

2 answers

Is is possible to pass logs to ELK stack via a ZeroMQ connection?

I have just started learning about the ELK stack. I know that Logstash can take input from several different sources via filebeat client and put that in ElasticSearch. Is it possible to pass log data to ELK via a ZeroMQ connection ? Thanks

logstash elk

asked Apr 09 '16 at 06:05

joes

101

0

votes

2 answers

rsyslog TLS on AIX

I am trying to forward logs with rsyslog (8.4.2) on AIX 7.1 and I need to encrypt with TLS. However it seems I need rsyslog-gnutls package. I can't seem to find this package anywhere for AIX. Best I could find is…

tls rsyslog aix gnutls elk

asked Mar 18 '16 at 19:49

CodyK

175
1
9

0

votes

1 answer

What is "io/console not supported; tty will not be manipulated"?

What is this message and how can I get rid of it? I am using ELK stack on windows 8. Every thing works just fine but this message which I get whenever I run logstash, buzzes me off. This is the complete output I get by running logstash on my…

windows logstash elk

asked Jan 19 '16 at 08:50

Kobayashi

117
1
6

0

votes

1 answer

ELK: LogStash to read log files from remote Samba-mapped network drives

I'm new to ELK, and I would like to set up a solution to index Microsoft IIS and applicative .NET logs with ES. I'm aware about different approaches: 1) [app servers: log files ➔ Logstash] ➔ [collecting server: Redis ➔ Logstash] ➔ [ES cluster: ES ➔…

elasticsearch logstash elk

asked Dec 20 '15 at 19:48

Maxim Gueivandov

83
1
9

Questions tagged [elk]