helo,

I'm currently testing a new filter, filter-jsonlog.

The filter basically rebuilds the state of SMTP sessions and, for each of the SMTP events that occur in a session, it will output the session state to syslog in JSON format. Injecting the JSON objects into Elasticsearch allows creating dashboards for pretty much anything you can think of, because the session states allow correlating any information together.

see: https://twitter.com/PoolpOrg/status/1154858074273996802

The problem is that while I worked with ELK gurus in the past who helped me understand how to properly craft logs to ease creation of dashboards, I suck at actually creating these dashboards.

If there are a few people around with ELK knowledge, it would be nice to give me some help in showcasing what can be achieved with this feature.

-- 
Gilles Chehade
@poolpOrg
https://www.poolp.org
patreon: https://www.patreon.com/gilles
