I'm currently testing a new filter, filter-jsonlog.

The filter basically rebuilds the state of SMTP sessions and for each of
the SMTP events that occur in a session it will output the session state
to syslog in json format.

Injecting the json objects into elasticsearch allows creating dashboards
for pretty much anything you can think of because the session states can
allow correlating any information together.

see: https://twitter.com/PoolpOrg/status/1154858074273996802

The problem is that while I worked with ELK gurus in the past who helped
me understand how to properly craft logs to ease creation of dashboards,
I suck at actually creating these dashboards.

If there are a few people around with ELK knowledge, it would be nice to
give me some help in showcasing what can be achieved with this feature.

Gilles Chehade                                                 @poolpOrg

https://www.poolp.org            patreon: https://www.patreon.com/gilles
