elasticsearch, logstash and kibana configuration for pi-hole visualiziation
please reimport the ndjson dashboard and apply the updated version of 20-dns-syslog.conf
fix for https://github.com/nin9s/elk-hole/issues/19
this is an intermediate release as the grok logic needs some further tweaking ...
this release fixes some major issues I've discovered which lead to incorrect mapping of log lines with tags:
this could lead to tagging of logs which are actually "cached domain to ip" to be categorized as "response domain to ip". From this update on you should see A LOT more cached entries than ever before.
the dashboard also needed some fixing as the request count in some visualizations where not counted correctly.
note: the file ndjson/v7.x vis and dash/elk-hole - vis_and_dash.ndjson should be imported (select overwrite) into kibanas saved objects and will include both the updated visualizations and the dashboard.
for this patch to work you only need to replace the following files:
20-dns-syslog.conf
import into kibanas saved objects: elk-hole - vis_and_dash.ndjson
this is an intermediate release as the grok logic needs some further tweaking ...
this release fixes some major issues I've discovered which lead to incorrect mapping of log lines with tags:
this could lead to tagging of logs which are actually "cached domain to ip" to be categorized as "response domain to ip". From this update on you should see A LOT more cached entries than ever before.
the dashboard also needed some fixing as the request count in some visualizations where not counted correctly.
note: the file ndjson/v7.x vis and dash/elk-hole - vis_and_dash.ndjson should be imported (select overwrite) into kibanas saved objects and will include both the updated visualizations and the dashboard.
for this patch to work you only need to replace the following files:
20-dns-syslog.conf
import into kibanas saved objects: elk-hole - vis_and_dash.ndjson
merging https://github.com/nin9s/elk-hole/pull/15 to master
various dashboard fixes elk-hole.zip
initial release