I have been working on a vendor project helping analyze log data. We have currently set up a Graylog server for our log management but feel restricted with visualizing some of this data. We were wondering if we could use Kibana with Graylog, as it has better visualizing capabilities?
Do we have to configure Logstash for Kibana, or can we just install Kibana and configure it with Graylog? Can someone help us with a direction to this process?
I read from forums we can use Shield or ACL like Nginx, but how do we get them configured?
Since Graylog stores its data in Elasticsearch, you should be able to use Kibana to visualize it. I'm not sure how the data in Graylog is mapped, but you will find out soon enough, I imagine.
Thanks for your response. This makes sense. However, while using an ingest node, will Elasticsearch have the housekeeping capabilities? Will there be any restrictions to visualizing in Kibana from Graylog messages?
I suppose Logstash is the traditional way to do it, but I was just curious about how Elasticsearch works with Kibana.
Not really sure what you mean here. Kibana in the ELK suite is the window into the stack. So, you should be able to visualize your data, which is either ingested into ES with an ingest node or through Logstash or directly. Should be easy(?) from what Aaron pointed out about Graylog storing its data in ES.
Forget everything about the ingest node, as that was a red herring. Graylog uses its own method to insert log data into Elasticsearch. You should be able to see Graylog's messages in Kibana, as they're stored in Elasticsearch.