Kibana

by

Glenn Abraas

on 29 January 2014

Transcript of Kibana

Filters
Converting
Very versatile
Very smart
Log = Time + Data
Logstash, explained
Kibana, visualizing logging and reporting
Glenn Abraas
Networking department
28-01-2014
Database
Indexing
Magic
Logstash
Inputs, Codecs, Filters and outputs
http://logstash.net/docs/1.3.3/

Before logstash
After logstash
Example 2 (GeoIP)

filter {
  # Add GeoIP location fields for each address field that may be present
  geoip {
    source => "clientip"
  }
  geoip {
    source => "src"
  }
  geoip {
    source => "dst"
  }
}
Example 1 (fortigate firewall logging)
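filter {
  # FortiGate firewall logging: split the key=value pairs in "message" into fields
  kv {
    # intended to trim the syslog priority prefix (e.g. <189>) from the first key
    trimkey => [ "<[0-9][0-9][0-9]>" ]
    source => "message"
  }
}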
<189>date=2014-01-20 time=13:15:58 devname=CGR-ADFW01 device_id=FG100C3G09605262 log_id=0021000002 type=traffic subtype=allowed pri=notice vd=root src=192.168.3.121 src_port=41234 src_int="port1" dst=192.168.35.25 dst_port=5666 dst_int="VPN-NELSON-HK" SN=123233749 status=accept policyid=80 dst_country="Reserved" dir_disp=org tran_disp=noop service=NRPE proto=6 duration=11 sent=1842 rcvd=1904 sent_pkt=9 rcvd_pkt=6 vpn="VPN-NELSON-HK" vpn_type=ipsec-static
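An added example, not part of the original presentation: a small Python parser that does by hand what the kv filter in Example 1 is meant to do with the FortiGate line above, so the resulting fields can be inspected. The function name, the list of integer fields, the `syslog_facility`/`syslog_severity` field names and the choice to merge `date` and `time` into `@timestamp` are assumptions made for illustration.

```python
import re
import shlex
from datetime import datetime

# Constructed sample: a shortened copy of the FortiGate line shown above.
SAMPLE = ('<189>date=2014-01-20 time=13:15:58 devname=CGR-ADFW01 type=traffic '
          'subtype=allowed src=192.168.3.121 src_port=41234 src_int="port1" '
          'dst=192.168.35.25 dst_port=5666 dst_int="VPN-NELSON-HK" status=accept '
          'policyid=80 service=NRPE proto=6 sent=1842 rcvd=1904')

PRI_RE = re.compile(r'^<(\d{1,3})>')          # syslog priority prefix
INT_FIELDS = {"src_port", "dst_port", "policyid", "proto", "sent", "rcvd"}

def parse_fortigate(line):
    """Split one syslog-framed key=value line into a dict (hypothetical helper)."""
    event = {}
    m = PRI_RE.match(line)
    if m:
        # syslog PRI = facility * 8 + severity
        event["syslog_facility"], event["syslog_severity"] = divmod(int(m.group(1)), 8)
        line = line[m.end():]                 # keep "<189>" out of the first key
    try:
        # shlex keeps quoted values such as dst_int="VPN-NELSON-HK" in one token
        tokens = shlex.split(line)
    except ValueError:                        # unbalanced quote in the message
        tokens = line.split()
    for token in tokens:
        key, sep, value = token.partition("=")
        if not sep or not key:
            continue                          # skip tokens that are not key=value
        event[key] = int(value) if key in INT_FIELDS and value.isdigit() else value
    if "date" in event and "time" in event:
        # "Log = Time + Data": build one sortable timestamp from the two fields
        event["@timestamp"] = datetime.strptime(
            event["date"] + " " + event["time"], "%Y-%m-%d %H:%M:%S").isoformat()
    return event

if __name__ == "__main__":
    for name, value in parse_fortigate(SAMPLE).items():
        print(f"{name}: {value}")
```

Numeric fields such as `dst_port` come out as integers, which is what makes range queries and sums possible once the events are indexed.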
Output
Visualizing
In depth
Input
Syslog
Eventlog
File
Twitter
SNMPtrap
NetFlow
Interaction
Demo
Indexing
Filters