Using external lookup in Logstash -

-

i'm working on 2 logstash projects, 1 monitoring iis logs , 1 firewall.

now iis logs high-usage servers generating 25gb of logs each month , there several of these. issue here not want enable reverse lookup, not on servers nor in logstash, external service can cache outside of dns lookup´function in logstash.

the other problem want solve firewall project related lookup of standard, , non-standard ports. our firewall generates dest portnumber translate make our kibana dashboards more readable. firewall has around 10gb/s traffic , generates lot of syslog traffic.

we run 8-16 workers on our logstash server. there easy (?) way make api call logstash , worth considering based on performance?

another option i'm condering "offline" batch processing, ie running batch jobs directly towards elasticsearch, likley mean should have separate instance of elasticsearch or redis before frontend.

the best option likley translation in kibana interface, scripted field, of understand not work usercases?

the dns{} filter uses local machine's resolution, couldn't integrate non-dns cache without making new filter or dropping ruby{}.

depending on number of values have, publish them file , use translate{}, recommend private network lookup.

if dns data in elasticsearch, can query during filtering , add fields events way.

for firewall port problem, didn't give example of original , desired values, again, check out translate{} or drop ruby{}.


Comments

Post a Comment

Popular posts from this blog

java - Andrioid studio start fail: Fatal error initializing 'null' -

-
i don't know happened android studio,when start ,it shows me error message below. , try uninstall/reinstall it,but doesn't work.who can me!!! internal error. please report https://code.google.com/p/android/issues java.lang.runtimeexception: com.intellij.ide.plugins.pluginmanager$startupabortedexception: fatal error initializing 'null' @ com.intellij.idea.ideaapplication.run(ideaapplication.java:178) @ com.intellij.idea.mainimpl$1$1$1.run(mainimpl.java:52) @ java.awt.event.invocationevent.dispatch(invocationevent.java:209) @ java.awt.eventqueue.dispatcheventimpl(eventqueue.java:715) @ java.awt.eventqueue.access$400(eventqueue.java:82) @ java.awt.eventqueue$2.run(eventqueue.java:676) @ java.awt.eventqueue$2.run(eventqueue.java:674) @ java.security.accesscontroller.doprivileged(native method) @ java.security.accesscontrolcontext$1.dointersectionprivilege(accesscontrolcontext.java:86) @ java.awt.eventqueue.dispatchevent(eventqu
Read more

android - Gradle sync Error:Configuration with name 'default' not found -

-
i want add external library guillotinemenu-android in application. followed steps given in upvoted answer existing question how add library project android studio? facing error when try build project after step 6 i.e. when added dependency in app/build.gradle compile project(":guillotinemenu") . tried stackoverflow links related error not working out. have made folder named libs in app directory , copied project folder guillotine menu there. here build.gradle(module:app) file apply plugin: 'com.android.application' android { compilesdkversion 22 buildtoolsversion "22.0.1" defaultconfig { applicationid "com.sunshine.bbreaker.appet_i" minsdkversion 14 targetsdkversion 22 versioncode 1 versionname "1.0" } buildtypes { release { minifyenabled false proguardfiles getdefaultproguardfile('proguard-android.txt'), 'proguard-rules.p
Read more

StringGrid issue in Delphi XE8 firemonkey mobile app -

-
i'm using delphi xe8 developing mobile application , i'm facing of problem in tstringgrid. i have written following code in stringgridselectcell event. showmessage(stringgrid.cells[0, arow]); and shows proper value of selected row @ first time. when have tried click again selected row, event not getting fired. , cant able unselect particular row. so, have tried write message in onclick event. var irowind: integer; begin irowind := stringgrid1.selected; showmessage(stringgrid.cells[0, irowind]); end; and not working @ first time of click , when clicked second time works properly. issue in android mobile , not in windows. later, have kept both event code , faced issue. when i'm scrolling grid, firing onclick event. so, displaying selected row value. please provide me solution. , in advance. let's onclick event: procedure tfmmain.stringgrid1click(sender: tobject); begin caption := 'selected row id: ' + stringgrid1.select
Read more