Initial setup of Logstash

Thor-Egil_Ekeli · October 14, 2018, 5:41am

Hi,

I am new to ELK and have a basic question about how to start. I have installed the ELK-stack on Ubuntu 18.04, and as a start I want to receive syslog from my Cisco ASA-devices into Logstash so that I can view the log data with Kibana, Kan anyone give me the exact steps I have to do to set this up? When I list installed plugins from the host I see a syslog-plugin but what do I need to do to receive data in logstash?

Br,

Thor-Egil

bardie · October 14, 2018, 1:13pm

This link can help

http://www.gregmefford.com/blog/2014/09/24/analyzing-cisco-asa-firewall-logs-with-logstash/

magnusbaeck · October 14, 2018, 2:52pm

https://www.elastic.co/guide/en/logstash/current/config-examples.html contains a syslog example.

system · November 11, 2018, 3:07pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.