Monitoring pfSense logs using ELK (ElasticSearch 1.7, Logstash 1.5, Kibana 4.1) - PART 1

on pfSense, Firewall, Logstash, Elasticsearch, Kibana, Logging, Log Analysis, ELK

This post is essentially an updated guide to my previous post [https://elijahpaul.co.uk/monitoring-pfsense-2-1-logs-using-elk-logstash-kibana-elasticsearch/] on monitoring pfSense logs using the ELK [https://www.elastic.co/] stack. Part 1 will cover the instillation and configuration of ELK and Part 2 will cover configuring Kibana 4 to visualize pfSense logs.…

Analysing Exchange (2013) Message Tracking Logs using NXLog & ELK (ElasticSearch, Logstash, Kibana)

on Logstash, Elasticsearch, Kibana, Logging, Exchange Server, Forensics, nxlog, Log Analysis

Introduction Exchange 2013 maintains a detailed record of messages sent between the transport services within an Exchange organization via message tracking logs. The default location for these logs is; C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\MessageTracking. Exchange generates 3 main log files (there is a 4th, but…