Hello! I am learning to use Logstash, Elasticsearch and Kibana. I plan to centralize logs from multiple switches. Could anyone help me with the setup?
Are your switches capable of sending syslog messages, or is it SNMP traps you're interested in? The more specific the question you ask, the more specific and useful the answers you'll get.
Thanks for answering.
The switch sends syslog messages. My idea is to centralize logs from switches and servers. I do not know how to capture these messages from the switches.
Have a look at https://www.elastic.co/guide/en/logstash/current/config-examples.html#_processing_syslog_messages to get you started.