Skip to content

zaneGittins/logstash-input-duo

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

examples

examples

 
 

lib/logstash/inputs

lib/logstash/inputs

 
 

spec/inputs

spec/inputs

 
 

Gemfile

Gemfile

 
 

LICENSE

LICENSE

 
 

NOTICE.TXT

NOTICE.TXT

 
 

Rakefile

Rakefile

 
 

logstash-input-duo-1.0.2.gem

logstash-input-duo-1.0.2.gem

 
 

logstash-input-duo.gemspec

logstash-input-duo.gemspec

 
 

readme.md

readme.md

 
 

Repository files navigation

Logstash DUO Plugin

This Logstash input plugin ingests events from DUO using the admin APIs. It ingests the following events:

  • Authentication logs
  • Administrator logs
  • Telephony logs
  • Offline enrollment logs
  • Trust monitor logs

Install

# Git clone and build gem, alternatively, download the latest gem from the repo.
git clone https://github.com/zaneGittins/logstash-input-duo
cd logstash-input-duo
gem build logstash-input-duo.gemspec

# Install the plugin
sudo /usr/share/logstash/bin/logstash-plugin install ~/logstash-input-duo/logstash-input-duo-1.0.1.gem

Remove

sudo /usr/share/logstash/bin/logstash-plugin remove logstash-input-duo

Configure

  • ikey = integration key.
  • skey = secret key.
  • host = DUO admin API fqdn.
  • interval = time in minutes to wait between polling the API for new Trust Monitor events.
input {
  logstash-input-duo_trustmonitor {
    ikey => "<Your Admin DUO Integration Key.>"
    skey => "<Your Admin DUO Secret Key.>"
    host => "<Your Admin DUO host.>"
    interval => 1
  }
}
output {
    stdout { codec => rubydebug }
}

References

About

Logstash input plugin for DUO logs

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages