IUSCA / sca-issues


ELK: Requesting access to ELK dev instance - CBRI #40

Closed wellsaar closed 4 years ago

rperigo commented 4 years ago

Hi Aaron,

The instance is up and will be available on elk2.sca.iu.edu.

This URL will lead directly to the Kibana dashboard once firewall holes are opened. The Elasticsearch backend is proxied behind elk2.sca.iu.edu/elastic/ and is the URL you'll want to use when setting up Beats.

As we cannot readily use LDAP/ADS with the free ELK implementation, I have created a superuser account for your admin-level access within Elasticsearch. I can provide these credentials in whatever way you'd like (e.g. Slack message for username, separate email or Slashtmp for password). Once you have access, you can and should change that account's (randomly-generated) password.

Going forward, could you please provide us with:

Thanks!

rperigo commented 4 years ago

An update - Aaron reached out on Slack to provide the IP ranges needed and get started on setting things up. I've imported our IT-12 related stuff, and provided info on setting up Filebeat on their agent(s). We've verified Kibana access, working on Elastic/Beats integration.

rperigo commented 4 years ago

Data being ingested from their test node currently. I've verified visualizations are at least showing the data currently in the DB. NOTE: setup.ilm.enabled: false had to be set in the filebeat.yml in order for the agent to push. This is not set on our prod instance, but the Docker containers used on Dev pulled a point-release newer, so I would imagine it's a version change issue.

agopu commented 4 years ago

While ongoing issues get debugged from time to time, overall this has been in place since mid-June. Closing.