Get Amazon ALB logs into your ELK stack
img
README.md
grafana-dashboard.json
logstash-filter-alb-logs.conf
logstash-input-s3.conf
logstash-output-elasticseach.conf


AWS ALB/ELB Logs for ELK

Dashboard1 Dashboard2

Usage

  1. Set up an S3 bucket to receive the access logs from your AWS load balancer. For more information on how to do that, see: AWS S3 Bucket LB Logs Setup
  2. Configure an S3 input for your Logstash instance. You can use the logstash-input-s3.conf here as a reference. Additional reference for the S3 input can be found here: Logstash s3 input plugin
  3. Copy the filter (logstash-filter-alb-logs.conf) into your Logstash configuration. This is the "meat and potatoes" that does the parsing of the ALB logs.
  4. Configure your output to Elasticsearch (logstash-output-elasticsearch.conf for reference)
  5. Load the grafana-dashboard.json into your Grafana instance (sorry, no Kibana dashboard at this time)
  6. ???
  7. Profit
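
What the parsing in step 3 has to do with each log line, as an added Python example (not the repository's logstash-filter-alb-logs.conf): it splits the first 18 fields of AWS's documented ALB access log format and types them, treating "-" as a missing value. The function names and both sample lines are constructed for illustration.

```python
import re

# First 18 fields of an ALB access log entry, in AWS's documented order.
FIELDS = ["type", "time", "elb", "client", "target", "request_processing_time",
          "target_processing_time", "response_processing_time", "elb_status_code",
          "target_status_code", "received_bytes", "sent_bytes", "request",
          "user_agent", "ssl_cipher", "ssl_protocol", "target_group_arn", "trace_id"]
TOKEN = re.compile(r'"([^"]*)"|(\S+)')  # a quoted field or a bare one

def num(value, cast=int):
    """The ALB writes '-' for a value it does not have."""
    return None if value == "-" else cast(value)

def host_port(value):
    """Split 'ip:port'; '-' means no target was reached."""
    if value == "-":
        return None, None
    host, _, port = value.rpartition(":")
    return host, num(port)

def parse_alb_line(line):
    """Turn one ALB access log line into a typed dict for indexing."""
    tokens = [quoted or bare for quoted, bare in TOKEN.findall(line)]
    if len(tokens) < len(FIELDS):
        raise ValueError("truncated ALB log line")
    ev = dict(zip(FIELDS, tokens))
    ev["extra"] = tokens[len(FIELDS):]  # trailing fields differ between ALB releases
    ev["client_ip"], ev["client_port"] = host_port(ev.pop("client"))
    ev["target_ip"], ev["target_port"] = host_port(ev.pop("target"))
    for key in FIELDS[5:8]:
        ev[key] = num(ev[key], float)  # -1 means the stage never ran
    for key in FIELDS[8:12]:
        ev[key] = num(ev[key])  # status codes and byte counts
    # The request field is "METHOD URL PROTOCOL"; client-controlled, so keep it as text.
    ev["method"], _, rest = ev.pop("request").partition(" ")
    ev["url"], _, ev["protocol"] = rest.rpartition(" ")
    return ev

# Constructed sample lines (not real traffic).
_LB = "2024-01-15T10:00:00.123456Z app/demo-alb/0123456789abcdef"
SAMPLE_OK = ("https " + _LB + " 203.0.113.10:51234 10.0.1.5:8080 0.001 0.012 0.000 "
             '200 200 345 1280 "GET https://app.example.com:443/login HTTP/1.1" '
             '"Mozilla/5.0 (X11; Linux x86_64)" ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 '
             'arn:aws:elasticloadbalancing:us-east-1:123456789012:targetgroup/demo/0123 '
             '"Root=1-65a50000-000000000000000000000000" "app.example.com" "-" 0')
SAMPLE_REJECTED = ("http " + _LB + " 198.51.100.7:40000 - -1 -1 -1 400 - 0 272 "
                   '"- - -" "-" - - - "-" "-" "-" -')

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_REJECTED):
        ev = parse_alb_line(sample)
        print(ev["client_ip"], ev["method"], ev["elb_status_code"], ev["target_ip"])
```

The second sample is the shape worth alerting on: an `elb_status_code` of 400 with no target and processing times of -1 is a request the load balancer rejected before any backend saw it.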

Requirements
