You have probably already heard about Elasticsearch and its potential. Elasticsearch is a full-text search engine based on Lucene. It provides a RESTful web interface and stores schema-free JSON documents. To better display the logs collected by NetEye, we integrated three open source projects: Logstash, Elasticsearch and Kibana.
Logstash parses logs and submits them to Elasticsearch, which saves them in a structured way. Finally, Kibana takes the role of displaying all the collected data within NetEye Syslog View.
With Logstash and Elasticsearch, logs can be parsed in real time, so we can watch live logs being parsed and filtered as they arrive.
Additionally, with the new Kibana 3 frontend, NetEye users can easily create a multitude of useful dashboards that aggregate the data coming from logs in order to display very interesting statistics.
You can build your own dashboards, defining their settings according to your business needs.
The example below shows a dashboard displaying the total count of users that have used a particular program of the MS Office suite through Citrix (this can be useful to determine the number of licenses actually needed).
Another example could be a dashboard showing statistics about accesses to websites on your local webserver.