I'm currently building an ELK stack and what I want to do is use a previous Apache log file to ingest into the ELK server for demo purposes.
One idea I had was to make the log locally available and then parse through Logstash by adding an apache conf file in the Logstash conf.d directory and restart Logstash.
In short I'm trying to find a quick way to add some "known" data to be able to demo to my colleagues the benefits of using Kibana dashboards for identifying security events.
The Kibana team, and I think a good portion of Elastic, uses this awesome tool called makelogs here http://github.com/spalger/makelogs, it's a great way to just pop in some really generic data into a cluster to analyze and show off what you can do.
Thanks for the info Khalah, I could find a use case for that however what I'm trying to do is use an existing log that contains, let's say "activities of interest" to view in Kibana. So it would be champion if I could use that.
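
One way to set up the approach from the first post (a local copy of the log plus a pipeline file in the Logstash conf.d directory), as an added example that is not part of the original thread. The file name, log path, Elasticsearch URL and index name are assumptions, and the log is assumed to be in Apache combined format.

```logstash
# /etc/logstash/conf.d/apache-demo.conf  (hypothetical file name)

input {
  file {
    # Assumed location of the copied Apache log; must be readable by the logstash user.
    path => "/var/tmp/demo/access.log"
    # Read the file from its first line. The default ("end") only picks up
    # lines appended after Logstash starts, so an old log would show nothing.
    start_position => "beginning"
    # Do not persist the read offset, so the file is read again on every restart.
    # Useful for a repeatable demo, but each restart indexes the same events
    # again: delete the demo index first if you replay.
    sincedb_path => "/dev/null"
  }
}

filter {
  # Split each combined-format line into fields (client address, request,
  # response code, user agent, and so on).
  grok {
    match => { "message" => "%{COMBINEDAPACHELOG}" }
  }
  # Use the time recorded in the log line as the event time. Without this,
  # every event is stamped with the ingest time and the Kibana timeline
  # collapses into a single spike at "now".
  date {
    match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]       # assumed single-node demo cluster
    index => "apache-demo-%{+YYYY.MM.dd}"    # assumed index name, dated by event time
  }
}
```

Because the events keep their original timestamps, set the Kibana time picker to the period the log covers rather than the default recent window.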