Hi!
I'd like to centralised Free IPA logs with Logstash/ElasticSearch/Kibana. Can you suggest me any step-by-step guide? https://www.freeipa.org/page/Howto/Centralised_Logging_with_Logstash/Elastic... I tried to follow this guide without success.
Thanks in advance, Daniele
Newer versions of EL7 include rsyslog v8 which includes the omelasticsearch module - I would suggest using that to send logs from rsyslog to elasticsearch directly, and do not use logstash.
On 01/25/2018 09:36 AM, Daniele Liciotti via FreeIPA-users wrote:
Hi!
I'd like to centralised Free IPA logs with Logstash/ElasticSearch/Kibana. Can you suggest me any step-by-step guide? https://www.freeipa.org/page/Howto/Centralised_Logging_with_Logstash/Elastic... I tried to follow this guide without success.
Thanks in advance, Daniele _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Thank you for your feedback, but I've just noticed that EL7 still needs to be released (https://www.elastic.co/guide/en/elasticsearch/reference/master/breaking-chan...).
Daniele
On 25 January 2018 at 19:27, Rich Megginson via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Newer versions of EL7 include rsyslog v8 which includes the omelasticsearch module - I would suggest using that to send logs from rsyslog to elasticsearch directly, and do not use logstash.
On 01/25/2018 09:36 AM, Daniele Liciotti via FreeIPA-users wrote:
Hi!
I'd like to centralised Free IPA logs with Logstash/ElasticSearch/Kibana. Can you suggest me any step-by-step guide?
https://www.freeipa.org/page/Howto/Centralised_Logging_with_Logstash/Elastic... I tried to follow this guide without success.
Thanks in advance, Daniele _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Sorry. By "EL7" I meant RHEL7, or CentOS7, or some Enterprise Linux 7 (EL7) variant.
You can use any version of Elasticsearch - 2.x or later.
On 01/25/2018 02:45 PM, Daniele Liciotti via FreeIPA-users wrote:
Thank you for your feedback, but I've just noticed that EL7 still needs to be released (https://www.elastic.co/guide/en/elasticsearch/reference/master/breaking-chan...).
Daniele
On 25 January 2018 at 19:27, Rich Megginson via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Newer versions of EL7 include rsyslog v8 which includes the omelasticsearch module - I would suggest using that to send logs from rsyslog to elasticsearch directly, and do not use logstash.
On 01/25/2018 09:36 AM, Daniele Liciotti via FreeIPA-users wrote:
Hi!
I'd like to centralised Free IPA logs with Logstash/ElasticSearch/Kibana. Can you suggest me any step-by-step guide?
https://www.freeipa.org/page/Howto/Centralised_Logging_with_Logstash/Elastic... I tried to follow this guide without success.
Thanks in advance, Daniele _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
Thank you! I have used the configurations present in: https://github.com/pschiffe/rsyslog-elasticsearch-kibana/tree/master/rsyslog
and now the system works properly.
Regards, Daniele
On 25 January 2018 at 23:15, Rich Megginson via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Sorry. By "EL7" I meant RHEL7, or CentOS7, or some Enterprise Linux 7 (EL7) variant.
You can use any version of Elasticsearch - 2.x or later.
On 01/25/2018 02:45 PM, Daniele Liciotti via FreeIPA-users wrote:
Thank you for your feedback, but I've just noticed that EL7 still needs to be released
(https://www.elastic.co/guide/en/elasticsearch/reference/master/breaking-chan...).
Daniele
On 25 January 2018 at 19:27, Rich Megginson via FreeIPA-users freeipa-users@lists.fedorahosted.org wrote:
Newer versions of EL7 include rsyslog v8 which includes the omelasticsearch module - I would suggest using that to send logs from rsyslog to elasticsearch directly, and do not use logstash.
On 01/25/2018 09:36 AM, Daniele Liciotti via FreeIPA-users wrote:
Hi!
I'd like to centralised Free IPA logs with Logstash/ElasticSearch/Kibana. Can you suggest me any step-by-step guide?
https://www.freeipa.org/page/Howto/Centralised_Logging_with_Logstash/Elastic... I tried to follow this guide without success.
Thanks in advance, Daniele _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-leave@lists.fedorahosted.org
freeipa-users@lists.fedorahosted.org