05. 07. 2016 Juergen Vigna Log Auditing, NetEye

Practical Application of the NetEye Log Management Module to visualize SMS Notifications

It is not always obvious how many SMS messages a NetEye server sends, or to whom. One way to find out is to feed the sms-send-protocol file to the Log Management module and index it in Elasticsearch. You can then build a Kibana dashboard that shows how your SMS modems are used, something like this:

[Screenshot: SMS-Protocol-Kibana4]

How do you set this up?

Add a Logstash input file like this:

input {
  file {
    type => "sms-protocol"
    path => "/var/log/neteye/smstool/sms-send-protocol.log"
    # Read the existing file from the top the first time Logstash sees it
    start_position => "beginning"
  }
}

Add a Logstash filter like this:

filter {
  if [type] == "sms-protocol" {
    grok {
      # SMS_TIMESTAMP_SHORT is not a stock grok pattern; it must be defined in patterns_dir
      patterns_dir => "/var/lib/neteye/logstash/etc/pattern.d"
      match => [ "message", "%{SMS_TIMESTAMP_SHORT:sms_timestamp_text} %{WORD:timezone} %{YEAR}:%{INT:sms_phonenumber}:%{GREEDYDATA:sms_text}" ]
      # Applied only when the match succeeds
      remove_tag => "_grokparsefailure"
    }
    date {
      locale => "en"
      # The matched text carries no year (%{YEAR} above is not captured)
      match => [ "sms_timestamp_text", "EEE MMM dd HH:mm:ss" ]
      target => "sms_timestamp"
    }
  }
}

Add a Logstash output like this:

output {
  if [type] == "sms-protocol" {
    # host/port/protocol are the option names of the Logstash 1.x
    # elasticsearch output; from Logstash 2.0 on, use hosts instead
    elasticsearch {
      host => ["127.0.0.1"]
      # One index per day
      index => "smsprotocol-%{+YYYY.MM.dd}"
      codec => "plain"
      workers => 1
      manage_template => true
      template_name => "smsprotocol"
      template_overwrite => false
      port => 9200
      flush_size => 100
      idle_flush_time => 1
      protocol => "http"
    }
  }
}

Create your Kibana4 Dashboard and enjoy!
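
To check the filter against your log before deploying it, the grok match can be reproduced offline. The following is an added example, not part of the original post or of NetEye: it assumes that SMS_TIMESTAMP_SHORT matches the same "EEE MMM dd HH:mm:ss" text the date filter parses, and the sample lines and phone numbers are constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Assumption: SMS_TIMESTAMP_SHORT (defined in pattern.d, not shown on the page)
# matches the "EEE MMM dd HH:mm:ss" text that the date filter parses.
# Anchored at both ends, so slightly stricter than grok's unanchored match.
LINE_RE = re.compile(
    r"^(?P<sms_timestamp_text>[A-Z][a-z]{2} [A-Z][a-z]{2} \d{2} \d{2}:\d{2}:\d{2})"
    r" (?P<timezone>\w+) (?P<year>\d{4})"
    r":(?P<sms_phonenumber>[+-]?\d+)"
    r":(?P<sms_text>.*)$"
)

def parse_line(line):
    """Return the fields the grok filter would extract, or None on no match."""
    m = LINE_RE.match(line.rstrip("\n"))
    if m is None:
        return None
    fields = m.groupdict()
    # The page's date filter parses only sms_timestamp_text (no year);
    # here the year captured from the line is used instead.
    stamp = f"{fields['sms_timestamp_text']} {fields.pop('year')}"
    fields["sms_timestamp"] = datetime.strptime(stamp, "%a %b %d %H:%M:%S %Y")
    return fields

def summarize(lines):
    """Count SMS per recipient and collect the lines that would fail grok."""
    per_number, failures = Counter(), []
    for line in lines:
        fields = parse_line(line)
        if fields is None:
            failures.append(line)
        else:
            per_number[fields["sms_phonenumber"]] += 1
    return per_number, failures

# Constructed sample lines (format inferred from the grok pattern above).
SAMPLE = [
    "Tue Jul 05 10:15:30 CEST 2016:390000000001:PROBLEM - web01 is DOWN",
    "Tue Jul 05 10:20:02 CEST 2016:390000000002:PROBLEM - db01: disk / at 95%",
    "Tue Jul 05 10:31:44 CEST 2016:390000000001:RECOVERY - web01 is UP",
    "modem timeout, message not sent",
]

if __name__ == "__main__":
    counts, bad = summarize(SAMPLE)
    print(dict(counts))
    print("would fail grok:", bad)
```

Lines reported as failures here are the ones that would be tagged _grokparsefailure in Logstash and would be missing from the per-recipient counts in the dashboard.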


Juergen Vigna

NetEye Solution Architect at Würth Phoenix
I have over 20 years of experience in the IT branch. After first experiences in the field of software development for public transport companies, I finally decided to join the young and growing team of Würth Phoenix. Initially, I was responsible for the internal Linux/Unix infrastructure and the management of CVS software. Afterwards, my main challenge was to establish the meanwhile well-known IT System Management Solution WÜRTHPHOENIX NetEye. As a Product Manager I started building NetEye from scratch, analyzing existing open source models, extending and finally joining them into one single powerful solution. After that, my job turned into a passion: Constant developments, customer installations and support became a matter of personal. Today I use my knowledge as a NetEye Senior Consultant as well as NetEye Solution Architect at Würth Phoenix.
