Author: mwpreston

A newbies guide to ELK – Part 2 – Forwarding logs

In part 1 of this series we took a look at how to get all of the components of elkstack up and running, configured, and talking to each other.  Now not to say those aren’t important and necessary steps but having an elk stack up is not even 1/4 the amount of work required and quite honestly useless without any servers actually forwarding us their logs.  So with that said let’s take a look at a few different ways we can forward off some logs to logstash. Syslog First up is the ever so familiar syslog!  This is perhaps...

Read More

Quick to the point – Allowing logstash to bind to port 514

Most all of the example configurations out there that show how to setup logstash with syslog traffic tend to always include some sort of non-standard syslog port, such as 5000 or 5514.  Now this is fine so long as the client you are shipping the logs from provides the ability to specify which port they do so on – but I’ve run into a few different scenarios where I’m forced to send my syslog traffic down port 514, the normal syslog port, without the ability to select any other port. The standard syslog port, 514, presents a problem in itself though...

Read More

A newbies guide to ELK – Part 1 – Deployment

There are many ways to get an ELK (ElasticSearch, Logstash, Kibana) stack up and running – there are a ton of pre-built appliances, docker images, vagrant images, etc…  For this go around, however, I decided to install it piece by piece as I wanted to test some integration with some other visualization products such as Graylog and Grafana.  If you have deployed an elkstack before you know it isn’t that hard – however I figured I’d document my processes here as it’s the first time I’ve run through it.  I chose to use an Ubuntu 16.04 server build for...

Read More

Replacing the Veeam Enterprise Manager REST API Self Signed Certificate

Automation is a big part of my career – which is why I love products that dish out RESTful API endpoints.  Veeam does this via their Enterprise Manager product.  The problem though, which I assume this is somewhat common, is that when I first installed Enterprise Manager I did so utilizing a self signed certificate.  Now normally this isn’t a big deal, but when attempting to integrate the API with other applications that are running SSL sometimes it can be a pain to either import the self signed certificate into the application or to somehow code around having to...

Read More

Friday Shorts – PowerCLI, Scale Computing, vMA replacement and Go Habs Go!

Ramblings about randomness I’ve found on the internets this week – you know, like this!   New Release of PowerCLI is out. Although it’s only a minor release we still have some new features packed into the 6.5.3 release of PowerCLI which hit the shelves this week!  One of the most prominent is the addition of cmdlets/modules for the NSX-T functionality (VMware’s multi-hypervisor/multi-cloud version of NSX) which was announced just this past VMworld.  Aside from that, and in my opinion a very useful feature is the addition of a Create method which can be used with some of the services...

Read More