Unverified commit 4e563a9c, authored by 9S, committed by GitHub

Update README.md

parent 75ffcdad
...@@ -53,25 +53,25 @@ This makes sure that /conf.d/20-dns-syslog.conf is beeing processed at the begin ...@@ -53,25 +53,25 @@ This makes sure that /conf.d/20-dns-syslog.conf is beeing processed at the begin
5. copy "/etc/filebeat/filebeat.yml" to your filebeat installation at the pi-hole instance 5. copy "/etc/filebeat/filebeat.yml" to your filebeat installation at the pi-hole instance
6. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip 6. customize "LOGSTASHHOST:5141" to match your logstash hostname/ip
7. restart filebeat 7. restart filebeat
9. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/ 8. copy 99-pihole-log-facility.conf to /etc/dnsmasq.d/
10. this is very important: restart pi-hole and ensure filebeat is sending logs to logstash before proceeding 9. this is very important: restart pi-hole and ensure filebeat is sending logs to logstash before proceeding
11. You can verify this by: 10. You can verify this by:
12. at your filebeat instance: "filebeat test output" - it should say "ok" on every step. 11. at your filebeat instance: "filebeat test output" - it should say "ok" on every step.
13. again: the following steps will not work correctly if sending data to logstash here is not successfull! 12. again: the following steps will not work correctly if sending data to logstash here is not successfull!
### KIBANA HOST (CAN BE THE SAME AS LOGSTASH AND ELASTICSEARCH) ### KIBANA HOST (CAN BE THE SAME AS LOGSTASH AND ELASTICSEARCH)
14. create the index pattern: Management -> Index patterns -> Create index pattern 13. create the index pattern: Management -> Index patterns -> Create index pattern
15. type logstash-syslog-dns - it shound find one index 14. type logstash-syslog-dns - it shound find one index
16. click next step and select @timezone 15. click next step and select @timezone
17. Create index pattern 16. Create index pattern
18. Once the index is created, verify that 79 fields are listed 17. Once the index is created, verify that 79 fields are listed
19. click the curved arrows on the top left 18. click the curved arrows on the top left
20. import suitable "json/elk-hole *.json" for your version into kibana: management - saved objects - import 19. import suitable "json/elk-hole *.json" for your version into kibana: management - saved objects - import
21. optionally select the correct index pattern: logstash-syslog-dns* 20. optionally select the correct index pattern: logstash-syslog-dns*
22. delete any existing template matching our index name: DELETE /_template/logstash-syslog-dns* 21. delete any existing template matching our index name: DELETE /_template/logstash-syslog-dns*
23. import the template: paste the content of "logstash-syslog-dns-index.template_ELK7.x.json" into kibanas dev tools console 22. import the template: paste the content of "logstash-syslog-dns-index.template_ELK7.x.json" into kibanas dev tools console
24. click the green triangle in the upper right of the pasted content (first line). Output should be: 23. click the green triangle in the upper right of the pasted content (first line). Output should be:
{ {
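Review bot: In the renumbered Kibana steps, step 15 still says to select @timezone, while the time field that Logstash writes and that Kibana offers when creating an index pattern is normally @timestamp; since these lines are being touched anyway, confirm the field name and correct it. The same lines carry over the typos "successfull" (step 12) and "shound" (step 14). Steps 10 to 12 are a verification hint and a warning rather than actions, so they would read better as sub-items of step 9 than as numbered steps of their own. Step 21's DELETE /_template/logstash-syslog-dns* ends in a wildcard, so the README should say that it removes every template whose name starts with that prefix, not only the one this project installs.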
......