logstash – bits.of.info

Logstash: Failed to flush outgoing items UndefinedConversionError workaround

Posted on July 1, 2014 by bitsofinfo

If you have ever seen an error similar to this in Logstash it can be frustrating and can take your whole pipeline down (blocks). It appears that there are some outstanding tickets on this, one of which is here. This error can occur if you have an upstream input where the charset is defined as US-ASCII (such … Continue reading Logstash: Failed to flush outgoing items UndefinedConversionError workaround →

Encrypting Logstash data

Posted on June 25, 2014January 27, 2016 by bitsofinfo

Note, the patch described below is now merged into the official logstash-filter-cipher plugin as of January 2016, version 2.0.3 UPDATE: Note the pending patch to fix various issues and add random IV support for encrypting logstash event messages is located here here: https://github.com/logstash-plugins/logstash-filter-cipher/pull/3 Logstash can consume a myriad of data from many different sources and … Continue reading Encrypting Logstash data →

Logstash for ModSecurity audit logs

Posted on September 19, 2013June 25, 2014 by bitsofinfo

Recently had a need to take tons of raw ModSecurity audit logs and make use of them. Ended up using Logstash as a first stab attempt to get them from their raw format into something that could be stored in something more useful like a database or search engine. Nicely enough, out of the box, … Continue reading Logstash for ModSecurity audit logs →