
Comments (2)

enotspe commented on July 20, 2024

Hi @asrocha ,

You first have to deploy (or install) Elasticsearch (and Kibana). I use Elastic Cloud, so I didn't have to install anything really.
Then, you have to install Logstash. I normally install it on a CentOS server, it is pretty straightforward actually. You can follow this link for it. There are some recommendations I would suggest:

  1. Check firewall rules on your server. This is pretty basic but it can give you a hard time if you forget to open the ports you use for ingesting traffic.
  2. Configure your env variable in case you want your logstash hostname on your logs (I manage several logstash, so it comes in handy):
    add HOSTNAME="myhostname" to /etc/default/logstash when running logstash as a service
  3. Increase your heap: on jvm.options files inside /etc/logstash, you should change those values
    -Xms1g
    -Xmx1g
    If you use a dedicated server, you can assign 40% of RAM to your heap, consider that heap could not go higher than 8GB. However I got a logstash where I haven't tweaked this value and is performing great.
  4. Configure your logstash.yml. I manage my pipelines from Kibana, so basically here I just put all the pipelines.id I want my logstash to run. And I load all the pipelines in Kibana.
  5. Finally, in Kibana, load on saved objects the .ndjson. On index templates, load the templates.

That's pretty much it. I will also recommend you subscribe to the Elastic slack channel. I have found great advice there as well. My knowledge is on Fortinet, not ES, so we are all learning on this ES journey.

I will be posting a revised version of pipelines, templates and dashboards soon.

from fortinet-2-elasticsearch.
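
Steps 2 and 3 of the comment above as an added shell example; it is not part of the original comment or of the project's code. The function names and the `--apply` switch are hypothetical, while the 40% / 8 GB figures and the file paths are the ones the comment gives.

```shell
#!/usr/bin/env bash
# Added example (hypothetical helper names); paths and sizing rule are from the comment.

# heap_mb TOTAL_KB: print heap size in MB, 40% of RAM capped at 8 GB (8192 MB).
heap_mb() {
  local total_kb=$1 cap_mb=8192
  local mb=$(( total_kb * 40 / 100 / 1024 ))
  if [ "$mb" -gt "$cap_mb" ]; then mb=$cap_mb; fi
  echo "$mb"
}

# set_heap FILE MB: rewrite the active -Xms/-Xmx lines so both carry the same value.
# Commented-out lines ("## -Xms4g") are left alone; a .bak copy of the file is kept.
set_heap() {
  local file=$1 mb=$2
  sed -i.bak -E "s/^-Xm([sx])[0-9]+[kKmMgG]?$/-Xm\1${mb}m/" "$file"
  # Fail if either line is missing, so an unexpected file layout is noticed.
  grep -q "^-Xms${mb}m$" "$file" && grep -q "^-Xmx${mb}m$" "$file"
}

# set_hostname FILE NAME: add HOSTNAME="NAME" to the service env file, or replace it.
set_hostname() {
  local file=$1 name=$2
  touch "$file"
  if grep -q '^HOSTNAME=' "$file"; then
    sed -i.bak -E "s/^HOSTNAME=.*/HOSTNAME=\"${name}\"/" "$file"
  else
    printf 'HOSTNAME="%s"\n' "$name" >> "$file"
  fi
}

# Run as root with: ./tune-logstash.sh --apply myhostname
if [ "${1:-}" = "--apply" ]; then
  total_kb=$(awk '/^MemTotal:/ {print $2}' /proc/meminfo)
  set_heap /etc/logstash/jvm.options "$(heap_mb "$total_kb")"
  set_hostname /etc/default/logstash "${2:?hostname required}"
  echo "restart the logstash service to pick up the new settings"
fi
```
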

enotspe commented on July 20, 2024

Readme has been updated with detailed instructions

