[BBLISA-announce] September BBLISA meeting: Trying to Outpace Log Collection with ELK
John Rouillard
rouilj at ieee.org
Wed Sep 10 13:22:56 EDT 2014
Hi Folks:
You may get some duplicates of this; bblisa.org has a backlog of emails
in the mailq.
Our September speaker is Neil Schelly from Dyn, talking about
the work he is doing to centralize log data with the ELK
stack: Elasticsearch, Logstash, and Kibana.
So plan on attending:
Trying to Outpace Log Collection with ELK
on Wednesday, September 10, 2014 at 7PM. Room MIT E-51, Room 149.
This talk will detail the adventures of centralizing log data with the
ELK stack: Elasticsearch, Logstash, and Kibana. We wanted to
centralize logs from many very separate networks because it's a really
good idea to look at logs more than you probably are. The adventures
in this project include building concurrent prototypes with Logstash,
Graylog2, and Splunk. There's a bit of layer 7 routing and buffering
with RabbitMQ. I might get a bit DevOps-y in the description of using
Chef to deploy all the systems in this project. And finally, there are
some lessons learned about running distributed magical databases like
ElasticSearch in Amazon AWS. tl;dr: Lots of stuff only breaks when it
gets big enough to break.
Neil Schelly has been a sysadmin, developer, or consultant for most of
the last 20 years. Currently, he's a Principal Security Administrator
at Dyn, Inc in Manchester, NH. Lately, there's been more of a
security, auditing, and monitoring focus to the projects he is working
on.
I hope to see you there.
-- rouilj