Private GIT

Skip to main content
Explore
Sign in
Explore
Snippets Groups Projects
Select Git revision
  • 558684cca7605dc4c2c3058d1f92e13f23881bd3
  • master default protected
  • fix_nzb_cat
  • develop
  • guessit2-minimal
  • ssl_warning
  • UHD-qualities
  • fix_providers8
  • !
  • tvvault
  • provider_alpharatio
  • v5.1.1
  • v5.1
  • v5.0.3
  • v5.0.2
  • v5.0.1
  • v5.0
  • v4.2.1.07
  • v4.2.1.06
  • v4.2.1.05
  • v4.2.1.04
  • v4.2.1.03
  • v4.2.1.02
  • v4.2.1.01
  • v4.2.1.0
  • v4.2.0.6
  • v4.2.0.5
  • v4.2.0.4
  • v4.2.0.3
  • v4.2.0.2
  • v4.2.0.1
31 results

SickRage-1

Name Last commit Last update
.github/ISSUE_TEMPLATE
dnsmasq.d
etc/filebeat
logstash
CODE_OF_CONDUCT.md
LICENSE
README.md
dash.PNG
elk-hole - dash.json
elk-hole - vis.json
elk-hole.zip
README.md

elk-hole

elasticsearch, logstash and kibana configuration for pi-hole visualization

show, search, filter and customize pi-hole statistics ... the elk way

please note, this is still work in progress, so please let me know if I've left anything unclear/incorrect which definitely could be the case!

requirements:

working installation of:

  1. logstash (tested with "6.5.0")
  2. elasticsearch (tested with "6.5.0")
  3. kibana (tested with "6.5.0")
  4. filebeat on pi-hole (tested with "1.3.1")

-> installation of the elk stack - refer to https://wiki.kaldenhoven.org/display/LIN/Elastic+Stack+on+Ubuntu+16.04+with+AdoptOpenJDK or https://www.elastic.co/ for details.

this repo provides the relevant files and configuration for sending the pi-hole logs via filebeat directly to logstash/elasticsearch. We will then visualize the logs in kibana with a custom dashboard.

The result will look like this:

alt text

HOW TO USE

LOGSTASH HOST

  1. copy "/conf.d/20-dns-syslog.conf" to your logstash folder (usually /etc/logstash)
  2. customize "ELASTICSEARCHHOST:PORT" in the output section at the bottom of the file
  3. copy "dns" to "/etc/logstash/patterns/"
  4. restart logstash

PI-HOLE

  1. copy "/etc/filebeat/filebeat.yml" to your filebeat installation at the pi-hole instance
  2. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip
  3. restart filebeat
  4. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/
  5. restart pi-hole

KIBANA HOST (CAN BE THE SAME AS LOGSTASH AND ELASTICSEARCH)

  1. import "elk-hole.json" into kibana: management - saved objects - import

You should then be able to see your new dashboard and visualizations.

a huge "thank you" to skaldenhoven who contributed quiet some nice details to the configuration and parsing logic as well as troubleshooting and testing!

Another place to be (or not)