Analyzing Log files of very large size

Paul Procacci pprocacci at gmail.com
Mon Jul 12 14:05:47 UTC 2021


Ah, I'm accustomed to running Elasticsearch in AWS.  My mistake. ;)

On Mon, Jul 12, 2021 at 3:44 AM Peter Boosten <freebsd at boosten.org> wrote:

> Paul Procacci schreef op 12-07-2021 08:20:
>
> > Someone made mention of Elasticsearch and that's a good option too.  All
> > the work of indexing the data has already been done for you.  You just
> > don't have to mind paying for it.  ;)
> >
>
> Not sure where you get the idea that you have to pay to use
> Elasticsearch. I'm running an ELK stack happily in one of my jails,
> gathering millions of logs, from the ports collection.
> I admit that the modules collection on filebeat is somewhat limited (to
> ingest/parse log files) on FreeBSD (and I really don't know why), but
> you can solve that by downloading the source and adding the modules
> manually.
>
> And it works like a charm. With some configuration you even get security
> running, and you have your own personal SIEM.
>
> --
> It never hurts to help!
>
> Peter
>


-- 
__________________

:(){ :|:& };:


More information about the freebsd-questions mailing list