How to add MikroTik router in ELK v7

lokmanopt · September 21, 2019, 2:29am

Hello Dear,
Hope you are well,
I want to add MikroTik router all event log in to the ELK v7, already i added some Linux machine, They are working fine. Please give me some advice how to add MikroTik router in ELK v7. if some document are available please share with me. That Would be very helpful for me.

Logstash configuration is below

vim /etc/logstash/conf.d/01-logstash-simple.conf

input {
beats {
port => 5044
ssl => true
ssl_certificate => "/etc/pki/tls/certs/logstash.crt"
ssl_key => "/etc/pki/tls/private/logstash.key"
}
}

filter {
if [type] == "syslog" {
grok {
match => {
"message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:[%{POSINT:syslog_pid}])?: %{GREEDYDATA:syslog_message}"
}
add_field => [ "received_at", "%{@timestamp}" ]
add_field => [ "received_from", "%{host}" ]
}
syslog_pri { }
date {
match => [ "syslog_timestamp", "MMM d HH:mm:ss", "MMM dd HH:mm:ss" ]
}
}
}

output {
elasticsearch {
hosts => "localhost:9200"
index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}"
}
}

Note: if I have need to change in this configure please advice me.

ELK MKTR

Regards,
Lokman Hakim

system · October 19, 2019, 2:29am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Need help updating syslog conf and grok filter Logstash	6	1116	March 16, 2019
Didnt get the output of cisco router syslog in logstash server Logstash	6	1529	July 6, 2017
Help needed with Logstash and syslog config Logstash	6	730	July 6, 2017
Syslog messages into logstash Logstash	6	580	May 25, 2018
Syslog configuration output Logstash	2	583	July 6, 2017

How to add MikroTik router in ELK v7

Logstash configuration is below

Related topics