Unverified commit 2d068d1e, authored by 9S, committed by GitHub

Update README.md

parent fdcaaab7
...@@ -54,24 +54,24 @@ This makes sure that /conf.d/20-dns-syslog.conf is beeing processed at the begin ...@@ -54,24 +54,24 @@ This makes sure that /conf.d/20-dns-syslog.conf is beeing processed at the begin
6. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip 6. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip
7. restart filebeat 7. restart filebeat
9. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/ 9. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/
11. this is very important: restart pi-hole and ensure filebeat is sending logs to logstash before proceeding 10. this is very important: restart pi-hole and ensure filebeat is sending logs to logstash before proceeding
11.1 You can verify this by: 11. You can verify this by:
11.2 at your filebeat instance: "filebeat test output" - it should say "ok" on every step. 12. at your filebeat instance: "filebeat test output" - it should say "ok" on every step.
12. again: the following steps will not work correctly if sending data to logstash here is not successfull! 13. again: the following steps will not work correctly if sending data to logstash here is not successfull!
### KIBANA HOST (CAN BE THE SAME AS LOGSTASH AND ELASTICSEARCH) ### KIBANA HOST (CAN BE THE SAME AS LOGSTASH AND ELASTICSEARCH)
13. create the index pattern: Management -> Index patterns -> Create index pattern 14. create the index pattern: Management -> Index patterns -> Create index pattern
13.1 type logstash-syslog-dns - it shound find one index 15. type logstash-syslog-dns - it shound find one index
13.2 click next step and select @timezone 16. click next step and select @timezone
13.3 Create index pattern 17. Create index pattern
13.4 Once the index is created, verify that 79 fields are listed 18. Once the index is created, verify that 79 fields are listed
13.5 click the curved arrows on the top left 19. click the curved arrows on the top left
14. import suitable "json/elk-hole *.json" for your version into kibana: management - saved objects - import 20. import suitable "json/elk-hole *.json" for your version into kibana: management - saved objects - import
14. optionally select the correct index pattern: logstash-syslog-dns* 21. optionally select the correct index pattern: logstash-syslog-dns*
15. delete any existing template matching our index name: DELETE /_template/logstash-syslog-dns* 22. delete any existing template matching our index name: DELETE /_template/logstash-syslog-dns*
16. import the template: paste the content of "logstash-syslog-dns-index.template_ELK7.x.json" into kibanas dev tools console 23. import the template: paste the content of "logstash-syslog-dns-index.template_ELK7.x.json" into kibanas dev tools console
16.1 click the green triangle in the upper right of the pasted content (first line). Output should be: 24. click the green triangle in the upper right of the pasted content (first line). Output should be:
{ {
......
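Review bot: The renumbering on the new side turns the former sub-steps (11.1, 11.2, 13.1 to 13.5, 16.1) into top-level steps 11 to 24, so "You can verify this by:" and "again: the following steps will not work correctly ..." now read as numbered actions instead of a lead-in and a warning attached to step 10. Consider keeping them as indented sub-items or unnumbered notes under their parent step. The sequence also still jumps from 7 to 9 in the unchanged context lines, and the typos "successfull" and "shound" are carried over on the changed lines. Step 22 issues DELETE /_template/logstash-syslog-dns* with a trailing wildcard; it would help to state that this removes every template whose name starts with that prefix, so readers check for other matching templates before running it.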