ra-at-diladele-com closed 2 years ago
The first step is to allow Filebeat to ship the logs into Logstash, which pushes them to Elasticsearch, and then to visualize them with Kibana. The hardest part is getting the format right.
Ideally from another VM/container/appliance, since it is also memory intensive.
https://www.howtoforge.com/tutorial/elasticsearch-and-kibana-installation-and-basic-usage-on-ubuntu-1604/
https://medium.com/@thomasdecaux/analyze-web-traffic-with-squid-proxy-elasticsearch-logstash-kibana-stack-e2a471e34bc4
https://www.elastic.co/guide/en/logstash/current/advanced-pipeline.html
https://miteshshah.github.io/linux/elk/how-to-monitor-squid3-logs-on-elk-stack/
https://reticent.net.nz/visualising-kibana-squid-logs/
https://www.fernandobattistella.com.br/log_processing/2014/10/04/ELK-Stack-and-Squid.html
http://schneggerisch.blogspot.nl/2016/02/elasticsearch-logstash-kibana-squid.html
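
On getting the format right: the sketch below is an added example, not part of the original issue or the project's code. It parses proxy access log lines into the typed fields a Logstash filter would need to extract, and reports lines that do not match. It assumes Squid's default native logformat (the linked articles cover Squid logs); the field names and sample lines are constructed here.

```python
import json
import re
from datetime import datetime, timezone

# Assumption: Squid's default native ("squid") logformat, whose fields are
#   time.ms elapsed client result/status bytes method URL user hierarchy/peer type
SQUID_NATIVE = re.compile(
    r"^(?P<secs>\d+)\.(?P<ms>\d{3})\s+(?P<elapsed_ms>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<cache_result>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>\S+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hierarchy>[A-Z_]+)/(?P<peer>\S+)\s+(?P<content_type>\S+)\s*$"
)

def parse_line(line):
    """Turn one access.log line into a dict for indexing; None if it does not match."""
    m = SQUID_NATIVE.match(line)
    if m is None:
        return None  # caller keeps unparsed lines visible instead of indexing garbage
    f = m.groupdict()
    when = datetime.fromtimestamp(int(f.pop("secs")), tz=timezone.utc)
    when = when.replace(microsecond=int(f.pop("ms")) * 1000)
    doc = {"@timestamp": when.isoformat(timespec="milliseconds")}
    for key in ("elapsed_ms", "status", "bytes"):
        doc[key] = int(f.pop(key))  # numeric so Kibana can aggregate on them
    # Squid writes "-" for absent values; store null rather than the string "-"
    doc.update({k: (None if v == "-" else v) for k, v in f.items()})
    return doc

# Constructed sample lines (documentation addresses, not real traffic)
SAMPLE_LOG = """\
1286536309.450    406 192.0.2.10 TCP_MISS/200 1453 GET http://example.org/ - HIER_DIRECT/192.0.2.80 text/html
1286536310.102      0 192.0.2.11 TCP_DENIED/403 3891 CONNECT example.net:443 alice HIER_NONE/- text/html
this line is truncated or uses another logformat
"""

def parse_log(text):
    """Return (documents, rejected_lines) for a block of log text."""
    docs, rejected = [], []
    for line in text.splitlines():
        doc = parse_line(line)
        if doc is None:
            rejected.append(line)
        else:
            docs.append(doc)
    return docs, rejected

if __name__ == "__main__":
    docs, rejected = parse_log(SAMPLE_LOG)
    for d in docs:
        print(json.dumps(d))
    print(f"{len(rejected)} line(s) did not match")
```

Running it over a copy of the real log before writing the Logstash filter shows how many lines the assumed format misses, which is the same signal a `_grokparsefailure` tag gives later in the pipeline.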