Logstash: Failed to flush outgoing items UndefinedConversionError workaround

If you have ever seen an error similar to┬áthis in Logstash it can be frustrating and can take your whole pipeline down (blocks). It appears that┬áthere are some outstanding tickets on this, one of which is here. This error can occur if you have an upstream input where the charset is defined as US-ASCII (such … Continue reading Logstash: Failed to flush outgoing items UndefinedConversionError workaround

Encrypting Logstash data

Note, the patch described below is now merged into the official logstash-filter-cipher plugin as of January 2016, version 2.0.3 UPDATE: Note the pending patch to fix various issues and add random IV support for encrypting logstash event messages is located here here: https://github.com/logstash-plugins/logstash-filter-cipher/pull/3 Logstash can consume a myriad of data from many different sources and … Continue reading Encrypting Logstash data

Logstash for ModSecurity audit logs

Recently had a need to take tons of raw ModSecurity audit logs and make use of them. Ended up using Logstash as a first stab attempt to get them from their raw format into something that could be stored in something more useful like a database or search engine. Nicely enough, out of the box, … Continue reading Logstash for ModSecurity audit logs