ELK

ELK = Elasticsearch + Logstash + Kibana

https://www.linuxfestnorthwest.org/sites/default/files/slides/Log%20Analysis%20with%20the%20ELK%20Stack.pdf

https://www.logstashbook.com/TheLogstashBook_sample.pdf

Check the Logstash configuration: /opt/logstash/bin/logstash agent -f logstash.conf --configtest

Check if Elasticsearch is running: curl "http://localhost:9200/_status?pretty=true"

Check that Logstash is delivering events to Elasticsearch: curl "http://localhost:9200/_search?q=type:syslog&pretty=true"

Add a test entry to syslog: logger -i "Test message"
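
A log pipeline that has silently stopped delivering is a detection gap, so the checks above can be chained into one end-to-end test: write a unique marker to syslog, then poll Elasticsearch until it is searchable. This script is an added example, not part of the original notes; the function names, the marker format and the use of the message field are assumptions.

```shell
#!/bin/sh
# Added example: end-to-end check that a syslog entry reaches Elasticsearch.
ES_URL="${ES_URL:-http://localhost:9200}"   # endpoint used on this page

# URI search for one marker term. Assumption: Logstash stores the log text
# in the "message" field (its default).
search_url() {
    printf '%s/_search?q=message:%s&pretty=true' "$ES_URL" "$1"
}

# Read a search response on stdin and print hits.total.
# Anchors on "hits":{"total": so the _shards "total" is not picked up, and
# accepts both the plain number and the newer {"value": N} object form.
hit_count() {
    tr -d ' \t\n' | sed -n \
        -e 's/.*"hits":{"total":{"value":\([0-9][0-9]*\).*/\1/p' \
        -e 's/.*"hits":{"total":\([0-9][0-9]*\).*/\1/p'
}

# Log a unique marker, then poll until it is searchable or the timeout
# (seconds, default 15) runs out.
pipeline_check() {
    timeout="${1:-15}"
    # Letters and digits only, so the analyzer keeps the marker as one term.
    marker="elkcheck${$}t$(date +%s)"
    logger -i "$marker"
    waited=0
    while [ "$waited" -lt "$timeout" ]; do
        n=$(curl -s "$(search_url "$marker")" | hit_count)
        if [ "${n:-0}" -gt 0 ]; then
            echo "OK: $marker indexed after ${waited}s"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done
    echo "FAIL: $marker not in Elasticsearch after ${timeout}s" >&2
    return 1
}

# Run the live check only when asked: sh elk_check.sh check [timeout]
if [ "${1:-}" = "check" ]; then
    pipeline_check "${2:-15}"
fi
```

The non-zero exit status on failure lets cron or a monitoring agent alert when events stop arriving.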