It is a common requirement to export the data in Elasticsearch for users in a common format such as .csv. An example of this is exporting syslog data for audits. The easiest way to complete this task I have found is to use python as the language is accessible and the Elasticsearch packages are very well implemented.
Using a new Logstash output plugin to dynamically route UDP Traffic from a Spoofed IP and MAC Address.
When running Logstash in large scale environments it can be quite difficult to troubleshoot performance specifically when dealing with UDP packets. This blog post will explore various ways to investigate performance issues with Logstash running on Linux.
Warning: This article assumes a basic understanding of Docker Elasticsearch Logstash Why Log to Elasticsearch? Elasticsearch is a fantastic tool for logging as it allows for logs to be viewed as just another time-series piece of data. This is important for… Read More ›