Grok

I’ve not the time right now to write more in the Logstash series, but as a quick interlude, I’d like to link to my ever-expanding Gist containing some useful Logstash GROK patterns for Postfix and Sendmail. Good, comprehensive sets of these are a bit of a slog to find online, so I cobbled together some from posts on the Internets, GitHub Gists and some tweaks of my own to make them work. ...

In my previous post, I outlined how I manage the collection of logs across our infrastructure at a high level with Logstash and Elasticsearch. I also touched upon viewing and searching through the data with Kibana, a Javascript frontend. In this post, I want to cover an important interim step if using the packages in the ElasticSearch repos is unfeasible or if you are running legacy servers that the repos don’t provide packages for. ...