René – René's ICT Blog

hello world :-P

Hi everyone! Thanks for visiting 🙂

I have not been posting much lately, to make quite an understatement. I’ve been busy with a lot of other things (especially enjoying life) and haven’t put much time into this blog. However, I see I still get a lot of visitors to this place, and that is the reason I kept it online.

Having said that, in the meantime I’ve been playing around a lot with Arduino microcontrollers, sensors, data, etcetera, or to use a populair term: IoT stuff. I’m planning to post some articles about that, as I think it is fun to play around with it and get more and more ideas along the way. I’m not going to plan a roadmap or anything, I’ll just post when it suits me.

Have a good time and hope to keep seeing you around here!

Apache access logs in Kibana – part 2

Kibana After writing my previous article about shipping Apache logs to Elasticsearch via Logstash, I changed my setup for various reasons. But I still visualize them using Kibana.

Continue reading “Apache access logs in Kibana – part 2”

Cisco ASA Netflow in Elasticsearch

Using Netflow, you can visualize your network traffic and use the collected data to analyze conections in case of troubles (which is what I use it for). All kinds of collectors are on the market, most paid applications, but why not use ELK for this and visualize your traffic using Kibana?

Continue reading “Cisco ASA Netflow in Elasticsearch”

Elastic Beats on Raspberry Pi

Beats are the new (log) shippers by Elastic. They’re available for various architectures, installable via repositories, but not for ARM architecture. So how do we install them on a Raspberry Pi? Read on to find out!

Continue reading “Elastic Beats on Raspberry Pi”

Monitor Microsoft Exchange Server mailflow using ELK

It’s been a while, but today I thought it was time to finish my ELK input for monitoring Microsoft Exchange Server.

Continue reading “Monitor Microsoft Exchange Server mailflow using ELK”

WIP: Exchange Server Monitoring

It’s still a Work In Progress, but I didn’t want to keep this from you. Using ELK and Filebeat, I want to monitor what is going in and out of my Microsoft Exchange Server. Eventually I want to see what e-mail is flowing trough my Edge Server to my Mailbox Server and what e-mail is blocked (and in what amounts).

I’ll keep you posted!

exchange_dashboard

elasticsearch.service; disabled

After upgrading to Elasticsearch 2.0 (running on Debian 8 “Jessie”), I noticed it didn’t start automatically anymore. A service elasticsearch status returned this:

● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled)
   Active: active (running) since Fri 2015-10-30 23:27:04 CET; 23min ago

Notice the disabled part? You need to manually enable it again.

Continue reading “elasticsearch.service; disabled”

Cisco ASA alerts and Kibana

Kibana Today we will be sending alerts from my Cisco ASA firewall to Kibana. As I was looking how to configure this, I found some examples of how to do this, but none of them really worked, so I started “hobbying” myself and created something that works really well.

Continue reading “Cisco ASA alerts and Kibana”

Apache access logs in Kibana

Kibana I needed a more convenient way to view my Apache access logs, other than tailing the access logs files on my webserver. Why not use Kibana for this? It not only shows you the access log lines, it also lets you create nice graphs about visitors, response codes, user agents, etcetera.

Continue reading “Apache access logs in Kibana”

I’m back!

Hi everyone, I’m back!

I’m doing some new projects I’d like to share with the world, so I reanimated my old ‘ICT’ Blog to put some stuff online again. I also reposted my old article on Webalizer, as I still saw a lot of requests to that post in my webserver logs.

Well, this is it for now, more to come soon!