Installation
- Clone the repo
- Modify Environment Variables to suit your settings in
.envfile. - and run the installer
sudo chmod +x install.sh sudo ./install.sh <single-node|multi-node> - Go have some coffee !
- Access Kibana Interface at https://hostnameOrIP:5601
- Read the output of install script for credentials :)
Uninstall
sudo chmod +x uninstall.sh
sudo ./uninstall.shFeatures
- TLS Enabled Communication between syslog-ng , kibana and elasticsearch.
- User Roles and Authentication for Kibana Access.
- Alerting Enabled in Kibana.
- Syslog-ng performs GEOIP Lookup.
- Patterndb Parsers for common applications.
- Windows Log Ready
- Wazuh Integration Ready.
Future Enhancements
- Implement Reusable blocks in syslog-ng
- Implement configuration variables in syslog-ng
- Automatically create syslog-ng user via API
- Implement Letsencrypt for certficates
- Add wazuh integration
Learn More
Watch my videos at https://www.youtube.com/playlist?list=PL5PZjrSldZ81vy_pQV-hFy5F7S4JnAVqN
Need Help ?
Open an issue in github.
Buy me Coffee
Youtube Demo and Tutorial
