Good afternoon, I have a server ELK (OS Ubuntu 18.04), the network gateway (CISCO ASA) store all logs and send to Gray LOG, but i want that these logs been sents to ELK (filebeat>logstash>elasticsearch>kibana).
How can i do this?
You can use the Syslog input in Filebeat. Just point your Cisco ASA gateway to send the logs to Filebeat via syslog.
In the next 7.2.0 version, Filebeat will include a module to parse Cisco ASA logs.
I created a archive at (/etc/logstash/conf.d/input-beat-1.conf) and tried to configure the archive, but i am not receive updates in my dashboard. 
Where exactly can i put it/ configure it?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.