
Blackesk

BLACK ESK SIEM is a SIEM platform built with Elasticsearch, Syslog-Ng and Kibana

Install / Use

/learn @amitn322/Blackesk
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

Installation

  • Clone the repo.
  • Modify the environment variables in the .env file to suit your settings.
  • Run the installer:

    sudo chmod +x install.sh
    sudo ./install.sh <single-node|multi-node>

  • Go have some coffee!
  • Access the Kibana interface at https://hostnameOrIP:5601
  • Read the output of the install script for credentials :)

Uninstall

sudo chmod +x uninstall.sh
sudo ./uninstall.sh

Features

  • TLS-enabled communication between syslog-ng, Kibana and Elasticsearch.
  • User roles and authentication for Kibana access.
  • Alerting enabled in Kibana.
  • Syslog-ng performs GeoIP lookup.
  • Patterndb parsers for common applications.
  • Windows log ready.
  • Wazuh integration ready.

Future Enhancements

  • Implement reusable blocks in syslog-ng
  • Implement configuration variables in syslog-ng
  • Automatically create the syslog-ng user via API
  • Implement Let's Encrypt for certificates
  • Add Wazuh integration

Learn More

Watch my videos at https://www.youtube.com/playlist?list=PL5PZjrSldZ81vy_pQV-hFy5F7S4JnAVqN

Need Help ?

Open an issue on GitHub.

Buy me Coffee

Buy Me A Coffee: https://www.buymeacoffee.com/akn

YouTube Demo and Tutorial

(Video thumbnail; see the playlist linked under Learn More.)

View on GitHub
GitHub Stars: 28
Category: Development
Updated: 1y ago
Forks: 11

Languages

Shell

Security Score

60/100

Audited on Mar 21, 2025

No findings