elk-docker - Elasticsearch, Logstash, Kibana (ELK) Docker image

•    Shell

This Docker image provides a convenient centralised log server and log management web interface, by packaging Elasticsearch, Logstash, and Kibana, collectively known as ELK. See the ELK Docker image documentation web page for complete instructions on how to use this image.

dockerfile - 一些常用的 docker 镜像

•    Dockerfile

一些常用的 docker 镜像

docker-elk - The ELK stack powered by Docker and Compose.

•    Dockerfile

Run the latest version of the Elastic stack with Docker and Docker Compose. It will give you the ability to analyze any data set by using the searching/aggregation capabilities of Elasticsearch and the visualization power of Kibana.

awesome-elasticsearch - A curated list of the most important and useful resources about elasticsearch: articles, videos, blogs, tips and tricks, use cases

@dzharii, @...

VulnWhisperer - Create actionable data from your Vulnerability Scans

•    Python

VulnWhisperer is a vulnerability data and report aggregator. VulnWhisperer will pull all the reports and create a file with a unique filename which is then fed into logstash. Logstash extracts data from the filename and tags all of the information inside the report (see logstash_vulnwhisp.conf file). Data is then shipped to elasticsearch to be indexed. The following instructions should be utilized as a Sample Guide in the absence of an existing ELK Cluster/Node. This will cover a Debian example install guide of a stand-alone node of Elasticsearch & Kibana.

LogTrail - Log Viewer plugin for Kibana

•    Javascript

LogTrail is a plugin for Kibana to view, analyze, search and tail log events from multiple hosts in realtime with devops friendly interface inspired by Papertrail.

node-logstash - Simple logstash implmentation in nodejs : file log collection, sent with zeromq

•    Javascript

It's a NodeJS implementation of Logstash. node-logstash is a tool to collect logs on servers. It allows sending its logs to a central server and to ElasticSearch for indexing.

elastiflow - Network flow Monitoring (Netflow, sFlow and IPFIX) with the Elastic Stack

•    Shell

ElastiFlow provides network flow data collection and visualization using the Elastic Stack (Elasticsearch, Logstash and Kibana). It supports Netflow v5/v9, sFlow and IPFIX flow types (1.x versions support only Netflow v5/v9).

kibi - Kibi is a friendly - kept in sync - Kibana fork which add support for joins across indexes and external sources, tabbed navigation interface and more

•    Javascript

Kibi extends Kibana 5.5.2 with data intelligence features; the core feature of Kibi is the capability to join and filter data from multiple Elasticsearch indexes and from SQL/NOSQL data sources ("external queries").In addition, Kibi provides UI features and visualizations like dashboard groups, tabs, cross entity relational navigation buttons, an enhanced search results table, analytical aggregators, HTML templates on query results, and much more.

logstash-logger - Ruby logger that writes logstash events

•    Ruby

LogStashLogger extends Ruby's Logger class to log directly to Logstash. It supports writing to various outputs in logstash JSON format. This is an improvement over writing to a file or syslog since Logstash can receive the structured data directly. You can use a URI to configure your logstash logger instead of a hash. This is useful in environments such as Heroku where you may want to read configuration values from the environment. The URI scheme is type://host:port/path?key=value. Some sample URI configurations are given below.

ELK - 搭建ELK日志分析平台。

搭建ELK日志分析平台。

journalbeat - Journalbeat is a log shipper from systemd/journald to Logstash/Elasticsearch

•    Go

Journalbeat is the Beat used for log shipping from systemd/journald based Linux systems. It follows the system journal very much like journalctl -f and sends the data to Logstash/Elasticsearch (or whatever you configured for your beat). Journalbeat is targeting pure systemd distributions like CoreOS, Atomic Host, or others. There are no intentions to add support for older systems that do not use journald.

hangout - 用java实现一下Logstash的几个常用input/filter/output, 希望能有效率上面的大提升

•    Java

模仿logstash做的一个应用. 现在我们迁移到了 https://github.com/childe/gohangout , 这个项目基本上停止更新了. 我们一直用logstash从Kafka消费数据进ES, 随着数据量的越来越大, 需要的logstash实例和机器也越来越多.

HELK - The Incredible HELK

•    Shell

A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.At the end of the HELK installation, you will have a similar output with the information you need to access the primary HELK components. Remember that the default username and password for the HELK are helk:hunting.

logspout-logstash - A minimalistic adapter for github.com/gliderlabs/logspout to write to Logstash

•    Go

in modules.go. Use by setting a docker environment variable ROUTE_URIS=logstash://host:port to the Logstash server. The default protocol is UDP, but it is possible to change to TCP by adding +tcp after the logstash protocol when starting your container.

JustLog - JustLog brings logging on iOS to the next level

•    Swift

JustLog takes logging on iOS to the next level. It supports console, file and remote Logstash logging via TCP socket with no effort. Support for logz.io available. At Just Eat, logging and monitoring are fundamental parts of our job as engineers. Whether you are a back-end engineer or a front-end one, you'll often find yourself in the situation where understanding how your software behaves in production is important, if not critical. The ELK stack for real-time logging has gained great adoption over recent years, mainly in the back-end world where multiple microservices often interact with each other.

go-stash - go-stash is a high performance, free and open source server-side data processing pipeline that ingests data from Kafka, processes it, and then sends it to ElasticSearch

•    Go

go-stash is a high performance, free and open source server-side data processing pipeline that ingests data from Kafka, processes it, and then sends it to ElasticSearch.

dsiem - Security event correlation engine for ELK stack

•    Go

Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and produces risk-adjusted alarms.

logstash-gelf - Graylog Extended Log Format (GELF) implementation in Java for all major logging frameworks: log4j, log4j2, java

•    Java

See also http://logging.paluch.biz/ or http://www.graylog2.org/resources/gelf/specification for further documentation.You need to install the library with its dependencies (see download above) in Glassfish. Place it below the $GFHOME/glassfish/domains/$YOURDOMAIN/lib/ext/ path, then add the Java Util Logging to your logging.properties file.

silk - Silk is a port of Kibana 4 project.

•    Javascript

Silk is an open source (Apache Licensed), browser based analytics and search dashboard for Solr. Silk is a snap to setup and start using. Silk strives to be easy to get started with, while also being flexible and powerful.