Commit a52ea41

Merge pull request #276916 from halkazwini/nw-graylog
Network Watcher: Updates: Manage and analyze network security group flow logs in Azure using Network Watcher and Graylog
2 parents 906d1da + a4b16da commit a52ea41

1 file changed

+3
-6
lines changed

articles/network-watcher/network-watcher-analyze-nsg-flow-logs-graylog.md

Lines changed: 3 additions & 6 deletions
@@ -5,16 +5,13 @@ services: network-watcher
55
author: halkazwini
66
ms.service: network-watcher
77
ms.topic: how-to
8-
ms.date: 05/03/2023
8+
ms.date: 05/31/2024
99
ms.author: halkazwini
10-
ms.custom: engagement-fy23, linux-related-content
10+
ms.custom: linux-related-content
1111
---
1212

1313
# Manage and analyze network security group flow logs in Azure using Network Watcher and Graylog
1414

15-
> [!CAUTION]
16-
> This article references CentOS, a Linux distribution that is nearing End Of Life (EOL) status. Please consider your use and planning accordingly. For more information, see the [CentOS End Of Life guidance](~/articles/virtual-machines/workloads/centos/centos-end-of-life.md).
17-
1815
[Network security group flow logs](nsg-flow-logs-overview.md) provide information that you can use to understand ingress and egress IP traffic for Azure network interfaces. Flow logs show outbound and inbound flows on a per network security group rule basis, the network interface the flow applies to, 5-tuple information (Source/Destination IP, Source/Destination Port, Protocol) about the flow, and if the traffic was allowed or denied.
1916

2017
You can have many network security groups in your network with flow logging enabled. Several network security groups with flow logging enabled can make it cumbersome to parse and gain insights from your logs. This article provides a solution to centrally manage these network security group flow logs using Graylog, an open source log management and analysis tool, and Logstash, an open source server-side data processing pipeline.
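Review bot: Dropping the `[!CAUTION]` block at old lines 15-17 leaves readers with no end-of-life notice, and this diff shows only one CentOS mention being reworded (the Logstash install sentence in the next hunk). Before merging, search the rest of the article for remaining CentOS references, such as prerequisites, package commands or image names. If any remain, either update them in this change or keep the caution until they are gone, so readers are not steered toward a distribution that no longer receives security updates without being told. The `ms.date` bump to 05/31/2024 and the removal of `engagement-fy23` from `ms.custom` look fine.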
@@ -55,7 +52,7 @@ prerequisites:
5552
### Install Logstash
5653

5754
Logstash is used to flatten the JSON formatted flow logs to a flow tuple level. Flattening the flow logs makes the logs easier to organize and search in Graylog.
58-
The following instructions are used to install Logstash in Ubuntu. For instructions about how to install this package in RHEL/CentOS, refer to the [Installing from Package Repositories - yum](https://www.elastic.co/guide/en/logstash/8.7/installing-logstash.html#_yum) article.
55+
The following instructions are used to install Logstash in Ubuntu. For instructions about how to install this package in Red Hat Enterprise Linux, see [Installing from Package Repositories - yum](https://www.elastic.co/guide/en/logstash/8.7/installing-logstash.html#_yum).
5956

6057
1. To install Logstash, run the following commands:
6158
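Review bot: The reworded sentence at new line 55 still links to the version-pinned Logstash guide (`/guide/en/logstash/8.7/installing-logstash.html#_yum`), which is carried over unchanged from the old text even though the article is now dated 05/31/2024. Confirm that 8.7 is the release this article intends readers to install. If it is not, point the link at the documentation for a currently supported release, so that Red Hat Enterprise Linux users are not sent to repository and install instructions for an older version of a component that sits in the log-ingestion path. The switch from "refer to the ... article" to "see ..." is a fine style cleanup.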
