Question

DNS, POSTFIX,RADIUS Filter for logstash on my elk stack.

Posted February 2, 2017 3.5k views
UbuntuElasticsearch

What i want is to add the geoip feature to my elk stack but with dns, postix, dovecot, radius, included apart from apache and nginx
Also Cisco devices as well.
Hi Mitchell … i saw you add filter for apache and nginx in this link
https://www.digitalocean.com/community/tutorials/how-to-map-user-location-with-geoip-and-elk-elasticsearch-logstash-and-kibana
Can you do the same for DNS server.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Sorry to see that your question hasn’t received an answer yet. Unfortunately, after this much time, it is unlikely an answer for this specific question will be provided without more information. For people still landing here via search, check out this tutorial. It’s a great introduction to writing Logstash filters utilizing Grok:

by Mitchell Anicas
One way to increase the effectiveness of your Logstash setup is to collect important application logs and structure the log data by employing filters. In this guide, we will focus primarily on how to add filters for various common application logs.
Submit an Answer