This is a summary page which links to a set of fairly detailed posts about my adventures getting visualisation of log data from the Exim MTA working, using Logstash/Elasticsearch/Kibana (the ELK stack).
Posts on this subject are best read in this order:
- Enter Logstash
- First steps
- Consistency & patterns
- grok & friends
- Pumping the data into elasticsearch