[syslog-ng] heat map from firewall logs: syslog-ng GeoIP + Kibana

Czanik, Péter peter.czanik at balabit.com
Mon Nov 28 12:28:44 UTC 2016


Hi,

This was part of my talk last week at a conference, but I also made a blog
from it:
https://www.balabit.com/blog/how-to-create-heat-maps-to-show-whos-trying-to-connect-your-router/
You can parse iptables logs (or logs from other firewalls using key=value format)
in syslog-ng using the key=value and GeoIP parsers, store them in
Elasticsearch and display the results in Kibana.

Bye,

Peter Czanik (CzP) <peter.czanik at balabit.com>
Balabit / syslog-ng upstream
https://www.balabit.com/blog/author/peterczanik/
https://twitter.com/PCzanik
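
The key=value extraction step mentioned in the message above, sketched in Python as an added example (it is not from the original post and is not syslog-ng's implementation). It runs on constructed iptables LOG lines and keeps only sources worth a GeoIP lookup; the `kv.` prefix, function names and sample lines are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in iptables LOG format (documentation addresses).
SAMPLE = [
    "kernel: FW-DROP IN=eth0 OUT= MAC=00:11:22:33:44:55 SRC=203.0.113.7 "
    "DST=198.51.100.1 LEN=60 TTL=52 ID=4321 DF PROTO=TCP SPT=51234 DPT=23 SYN URGP=0",
    "kernel: FW-DROP IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.1 "
    "LEN=40 PROTO=TCP SPT=51300 DPT=22 SYN URGP=0",
    "kernel: FW-DROP IN=eth1 OUT= SRC=192.168.1.20 DST=198.51.100.1 "
    "LEN=76 PROTO=UDP SPT=123 DPT=123",
    "kernel: FW-DROP IN=eth0 OUT= SRC=not-an-ip DST=198.51.100.1 PROTO=TCP",
]

KV = re.compile(r"(\w+)=(\S*)")
# Sources in these ranges never resolve to a location, so skip the lookup.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def parse_kv(line, prefix="kv."):
    """Return {prefix+KEY: value}. Empty values (OUT=) are kept as "";
    bare flags such as DF or SYN have no '=' and are not captured."""
    return {prefix + key: value for key, value in KV.findall(line)}

def geo_candidate(fields, key="kv.SRC"):
    """Return the source address as a string if it is a valid, non-local IP."""
    try:
        ip = ipaddress.ip_address(fields.get(key, ""))
    except ValueError:
        return None  # missing or malformed SRC field
    if any(ip in net for net in LOCAL_NETS):
        return None
    return str(ip)

def source_counts(lines):
    """Count log lines per locatable source: the raw data behind a heat map."""
    counts = Counter()
    for line in lines:
        src = geo_candidate(parse_kv(line))
        if src:
            counts[src] += 1
    return counts

if __name__ == "__main__":
    print(source_counts(SAMPLE).most_common())
```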