March 9, 2014
Logstash 101 - April 20th, 2014
Join us on April 20th at 1pm to hear Embalmed speak about running Logstash, an open source alternative to Splunk. He'll be covering:
- How to setup Logstash
- Options for delivering logs to Logstash (redis, lumberjack, syslog)
- Logstash grok filters / parsing
- A few minutes on SEC for realtime alerting
- Kibana3 frontend
- Securing ElasticSearch
- Caveats/issues
Embalmed is Senior Network Security Engineer in the Seattle area.
Slides and Sample configs for the presentation can be found here: Logstash_101.zip