Syslog Cisco ASA

Hello,
I need some help. I have ELK on Windows and I'd like to collect logs from a Cisco ASA. How should I configure my ELK?
elasticsearch - 2.2.1
logstash - 2.2.2
kibana - 4.4.1

It is pretty hard to help without a concrete problem. If you google for this topic, you will find plenty of hits - but of course I don't know if any of those posts covers your problem/issue.

Also, if you check out the logstash grok filter, it has plenty of Cisco ASA patterns. So, fair share of things to reuse.

If your problem is getting up and running with logstash, then the getting started guide might be worth a read.

If you struggle, please show exact configurations and errors, so people can help. Also, please make sure to drop a note in the appropriate forums.

Thanks a lot!

Thanks for the reply.
I was directed to the same GitHub page when requesting Logstash patterns for Cisco ASA.

How do I add those filters to logstash.conf?

Thanks
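
For reference, a sketch of how the bundled Cisco ASA grok patterns can be wired into a `logstash.conf`. This is an added example, not a configuration posted by anyone in the thread. The UDP port, the `cisco-asa` type name, the `cisco_message` field and the Elasticsearch address are assumptions to adjust for your setup.

```logstash
# Added example: minimal pipeline for Cisco ASA syslog on Logstash 2.x.
# Assumes the ASA sends syslog over UDP to this host on port 5514
# and that its messages carry a timestamp.
input {
  udp {
    port => 5514            # assumed port; must match the ASA's logging host setting
    type => "cisco-asa"     # assumed type name, used only to scope the filters below
  }
}

filter {
  if [type] == "cisco-asa" {
    # Step 1: strip the syslog header (<pri>timestamp host : %ASA-n-nnnnnn:)
    # and keep the remainder in a separate field.
    grok {
      match => ["message", "%{CISCO_TAGGED_SYSLOG} %{GREEDYDATA:cisco_message}"]
    }

    # Step 2: try the ASA message patterns shipped with the grok filter.
    # Events that match none of them are tagged _grokparsefailure,
    # which is worth watching in Kibana to spot unparsed message IDs.
    grok {
      match => [
        "cisco_message", "%{CISCOFW106001}",
        "cisco_message", "%{CISCOFW106014}",
        "cisco_message", "%{CISCOFW106015}",
        "cisco_message", "%{CISCOFW106023}",
        "cisco_message", "%{CISCOFW302013_302014_302015_302016}",
        "cisco_message", "%{CISCOFW302020_302021}",
        "cisco_message", "%{CISCOFW305011}",
        "cisco_message", "%{CISCOFW710001_710002_710003_710005_710006}"
      ]
    }

    # Use the ASA's own timestamp as the event time.
    date {
      match => ["timestamp", "MMM dd HH:mm:ss", "MMM  d HH:mm:ss",
                "MMM dd yyyy HH:mm:ss", "MMM  d yyyy HH:mm:ss"]
    }
  }
}

output {
  elasticsearch {
    hosts => ["localhost:9200"]   # assumed local Elasticsearch node
  }
}
```

The list in the second `grok` block is a subset of the ASA patterns; add further `CISCOFW…` pattern names from the same patterns file for the message IDs your firewall emits.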
