mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog

Serverstatistik:

1,5 Tsd.
aktive Profile

#Logstash

0 Beiträge0 Beteiligte0 Beiträge heute
ltning<p>For any <a class="hashtag" href="https://pleroma.anduin.net/tag/mtcp" rel="nofollow noopener" target="_blank">#MTCP</a>, <a class="hashtag" href="https://pleroma.anduin.net/tag/dos" rel="nofollow noopener" target="_blank">#DOS</a> and <a class="hashtag" href="https://pleroma.anduin.net/tag/retrocomputing" rel="nofollow noopener" target="_blank">#Retrocomputing</a> nerds out there who are also running <code>httpserv</code> and want pretty graphs, poke me for a recipe for a hideosly bloated <a class="hashtag" href="https://pleroma.anduin.net/tag/logstash" rel="nofollow noopener" target="_blank">#logstash</a> configuration to ingest the UDP logs.</p><p>I feed it to <a class="hashtag" href="https://pleroma.anduin.net/tag/graylog" rel="nofollow noopener" target="_blank">#Graylog</a> which stores the data in <a class="hashtag" href="https://pleroma.anduin.net/tag/opensearch" rel="nofollow noopener" target="_blank">#Opensearch</a> - a pipeline that combined (and this is accurate) needs, conservatively, 4096 times as much RAM as the floppy museum itself (8MB).</p><p>And while looking at this when making this screenshot: I wonder why someone would hit http//floppy.museum with a <code>Referer</code>-header indicating they come from a salesforce-dot-com address? http-colon-slashslash-136.146.46.127 (about halfway down the list).</p><p><a class="hashtag" href="https://pleroma.anduin.net/tag/msdos" rel="nofollow noopener" target="_blank">#msdos</a> <a class="hashtag" href="https://pleroma.anduin.net/tag/bloatware" rel="nofollow noopener" target="_blank">#bloatware</a> <a class="hashtag" href="https://pleroma.anduin.net/tag/theremustbeabetterway" rel="nofollow noopener" target="_blank">#theremustbeabetterway</a></p>
BSI WID Advisories Feed<p><a href="https://social.adlerweb.info/tags/BSI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSI</span></a> WID-SEC-2025-0952: [NEU] [mittel] <a href="https://social.adlerweb.info/tags/LogStash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LogStash</span></a>: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen</p><p>Ein entfernter, anonymer Angreifer kann eine Schwachstelle in LogStash ausnutzen, um Sicherheitsvorkehrungen zu umgehen.</p><p><a href="https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0952" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wid.cert-bund.de/portal/wid/se</span><span class="invisible">curityadvisory?name=WID-SEC-2025-0952</span></a></p>
ck 👨‍💻<p>After I adjusted a field type in the Elastic <a href="https://noc.social/tags/Logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Logstash</span></a> configuration to "integer" (which is translated into "long" in <a href="https://noc.social/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elasticsearch</span></a>), the field now led to a conflict in <a href="https://noc.social/tags/kibana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kibana</span></a> </p><p>In order to change the field type, there was (unfortunately) no other way around re-indexing the data into a new index.</p><p>It worked. But it's slow, to say the least, for large indices. </p><p><a href="https://www.claudiokuenzler.com/blog/1483/how-to-change-mapping-field-type-re-index-elasticsearch" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">claudiokuenzler.com/blog/1483/</span><span class="invisible">how-to-change-mapping-field-type-re-index-elasticsearch</span></a></p>
Eric Horwath<p>Which <a href="https://hachyderm.io/tags/logging" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logging</span></a> system do you prefer for managing logs in <a href="https://hachyderm.io/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Kubernetes</span></a>?</p><p><a href="https://hachyderm.io/tags/k8s" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>k8s</span></a> <a href="https://hachyderm.io/tags/log" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>log</span></a> <a href="https://hachyderm.io/tags/LogManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LogManagement</span></a> <a href="https://hachyderm.io/tags/logs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logs</span></a> <a href="https://hachyderm.io/tags/kibana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kibana</span></a> <a href="https://hachyderm.io/tags/elastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elastic</span></a> <a href="https://hachyderm.io/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elasticsearch</span></a> <a href="https://hachyderm.io/tags/opensearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensearch</span></a> <a href="https://hachyderm.io/tags/fluent" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fluent</span></a> <a href="https://hachyderm.io/tags/fluent2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fluent2</span></a> <a href="https://hachyderm.io/tags/fluentbit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fluentbit</span></a> <a href="https://hachyderm.io/tags/fluentd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fluentd</span></a> <a href="https://hachyderm.io/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> <a href="https://hachyderm.io/tags/kafka" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kafka</span></a> <a href="https://hachyderm.io/tags/grafana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grafana</span></a> <a href="https://hachyderm.io/tags/loki" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>loki</span></a> <a href="https://hachyderm.io/tags/promtail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>promtail</span></a> <a href="https://hachyderm.io/tags/cncf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cncf</span></a></p>
ck 👨‍💻<p>When you use Elastic's <a href="https://noc.social/tags/Logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Logstash</span></a> http output plugin, you can send logs to a HTTP endpoint (e.g. to a HTTP API), sometimes also named <a href="https://noc.social/tags/logsink" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logsink</span></a>. 🪵 ⬇️ </p><p>The plugin's format setting allows a couple of options. But what is the actual difference between the default "json" value and "json_batch"? 🤔 </p><p>Here's an actual example to see the differences in a practical way. </p><p><a href="https://www.claudiokuenzler.com/blog/1461/logstash-http-output-json-batch-format-difference" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">claudiokuenzler.com/blog/1461/</span><span class="invisible">logstash-http-output-json-batch-format-difference</span></a></p>
ck 👨‍💻<p>In a large ELK <a href="https://noc.social/tags/observability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>observability</span></a> stack, the <a href="https://noc.social/tags/Nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nginx</span></a> access logs of a specific web application needed to be sent to an external service for data analysis. </p><p>To comply with data privacy, some parts of the log events must be removed. At the same time the external service also required a specific name of fields - which differed from the <a href="https://noc.social/tags/ELK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ELK</span></a> logs.</p><p>Luckily there's the <a href="https://noc.social/tags/Logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Logstash</span></a> mutate filter, which allows to modify and alter log events - until everyone's happy. </p><p><a href="https://www.claudiokuenzler.com/blog/1459/log-manipulation-alteration-with-logstash-mutate-filter" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">claudiokuenzler.com/blog/1459/</span><span class="invisible">log-manipulation-alteration-with-logstash-mutate-filter</span></a></p>
Philipp Krenn<p>continuing the shell tools: tuistash for <a href="https://mastodon.social/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> looks great — <a href="https://github.com/edmocosta/tuistash" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/edmocosta/tuistash</span><span class="invisible"></span></a><br>data is retrieved from the logstash API (local or remote) or offline from a diagnostic bundle (<a href="https://github.com/elastic/support-diagnostics" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/elastic/support-dia</span><span class="invisible">gnostics</span></a>). no support for aggregating data from multiple logstashs for now</p><p>PS: this one is a side project of one of our colleagues</p>
Philipp Krenn<p>open source is coming in 2 broad flavors:<br>* permissive "do what you want" with the apache license 2.0 as a popular choice: this is what <a href="https://mastodon.social/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> (dual-licensed) and <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elasticsearch</span></a> language clients have always been using<br>* copyleft "do what you want but share changes alike" 2/10</p>
Fabian 🌵<p>Downtime of a company's main database is very expensive and a major risk to operations. In this success story, I show how I helped a device manufacturer gain real-time insights into their data warehouse using <a href="https://mastodon.world/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elasticsearch</span></a>, <a href="https://mastodon.world/tags/Logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Logstash</span></a> and <a href="https://mastodon.world/tags/kibana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kibana</span></a> </p><p><a href="https://www.fabianstadler.com/2024/09/mysql_database_elk.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">fabianstadler.com/2024/09/mysq</span><span class="invisible">l_database_elk.html</span></a></p><p><a href="https://mastodon.world/tags/development" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>development</span></a> <a href="https://mastodon.world/tags/softwareengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwareengineering</span></a></p>
Elizabeth K. Joseph<p>The <a href="https://floss.social/tags/s390x" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>s390x</span></a> open source team at IBM confirms the latest versions of various software packages run well on <a href="https://floss.social/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> on <a href="https://floss.social/tags/IBMZ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IBMZ</span></a> &amp; <a href="https://floss.social/tags/LinuxONE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LinuxONE</span></a></p><p>In July of 2024 validation was maintained for over 30 projects, including: <a href="https://floss.social/tags/Logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Logstash</span></a>, the <a href="https://floss.social/tags/R" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>R</span></a> programming language &amp; <a href="https://floss.social/tags/zabbix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zabbix</span></a></p><p>In the community, the bootc and Kueue projects both added s390x support to their respective CI systems 🎉 </p><p>Full report: <a href="https://community.ibm.com/community/user/ibmz-and-linuxone/blogs/elizabeth-k-joseph1/2024/08/23/linuxone-open-source-report-july-2024" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">community.ibm.com/community/us</span><span class="invisible">er/ibmz-and-linuxone/blogs/elizabeth-k-joseph1/2024/08/23/linuxone-open-source-report-july-2024</span></a></p>
Philipp Krenn<p>structured logging in @springboot, supporting <a href="https://mastodon.social/tags/elastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elastic</span></a> common schema (ECS) and <a href="https://mastodon.social/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> *nice*<br><a href="https://spring.io/blog/2024/08/23/structured-logging-in-spring-boot-3-4" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">spring.io/blog/2024/08/23/stru</span><span class="invisible">ctured-logging-in-spring-boot-3-4</span></a></p>
OSIRIS<p>Any elasticsearch / kubernetes peeps on here?</p><p>Trying to deploy logstash with helm, but I can't find anywhere how to specify the elasticsearch hostname... (logstash defaults to 'elasticsearch')</p><p><a href="https://mastodon.nu/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> <a href="https://mastodon.nu/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elasticsearch</span></a> <a href="https://mastodon.nu/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> <a href="https://mastodon.nu/tags/helm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>helm</span></a> </p><p>Chart:<br><a href="https://artifacthub.io/packages/helm/elastic/logstash" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">artifacthub.io/packages/helm/e</span><span class="invisible">lastic/logstash</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Hapbt" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Hapbt</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@mhoye" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mhoye</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@jplebreton" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jplebreton</span></a></span> </p><p>and you can use <a href="https://infosec.space/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> to shive your entire <a href="https://infosec.space/tags/syslogs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>syslogs</span></a> to <a href="https://infosec.space/tags/graylog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>graylog</span></a> if you need auditable <a href="https://infosec.space/tags/logging" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logging</span></a>...</p>
Philipp Krenn<p>we‘ll have another elastic meetup in vienna tomorrow: TDD with <a href="https://mastodon.social/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> by our host anyline and ES|QL, the new piped query language for <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elasticsearch</span></a> and <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kibana</span></a> <br>join us on <a href="https://meetu.ps/e/MHBLw/4d3Qg/i" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">meetu.ps/e/MHBLw/4d3Qg/i</span><span class="invisible"></span></a> :)</p>
Philipp Krenn<p><a href="https://mastodon.social/tags/logstash" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>logstash</span></a> about to land in the <a href="https://mastodon.social/tags/elastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>elastic</span></a> <a href="https://mastodon.social/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>kubernetes</span></a> operator: <a href="https://github.com/elastic/cloud-on-k8s/pull/6732" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/elastic/cloud-on-k8</span><span class="invisible">s/pull/6732</span></a><br>this was long overdue :)</p>