How to send BIGIP virtual Server Logs[HSL] to ELK #40
Description
Hi Team,
Wanted to send BIGIP virtual Server Logs[HSL] to ELK and publish it also. but feel "logstash.conf" is not enough.
F5 Bigip is sending log to ELK logstach.
{"type":"response","@timestamp":"2021-09-01T18:09:48Z","tags":[],"pid":245,"method":"post","statusCode":200,"req":{"url":"/elasticsearch/_msearch?rest_total_hits_as_int=true&ignore_throttled=true","method":"post","headers":{"host":"3.87.141.156:5601","connection":"keep-alive","content-length":"919","accept":"application/json, text/plain, /","kbn-version":"7.4.2","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36","content-type":"application/x-ndjson","origin":"http://3.87.141.156:5601","referer":"http://3.87.141.156:5601/app/kibana","accept-encoding":"gzip, deflate","accept-language":"en-US,en;q=0.9,hi;q=0.8"},"remoteAddress":"223.235.12.xxx","userAgent":"223.235.12.xxxx","referer":"http://3.87.141.156:5601/app/kibana"},"res":{"statusCode":200,"responseTime":12,"contentLength":9},"message":"POST /elasticsearch/_msearch?rest_total_hits_as_int=true&ignore_throttled=true 200 12ms - 9.0B"}
Can you please help me to create the logstash file.