Logstash Integration with Device42
Device42 / Logstash (ELK) Integration
View Device42’s SIEM audit data in the same context as other changes from around your network, like events and triggers from other monitoring, logging, and/or security tools!
Send Device42 logs to Logstash for better event correlation!
When you ship your logs to Logstash / Kibana, you can visually audit logs and event flow using any of Kibana’s many dashboards.
You’ll also benefit from better event correlation when you send logs to Logstash since all your logs are now visible in the same, searchable place!
Correlating events around your infrastructure has never been easier!
View log data in Device42 just like you always have!
Once you’ve configured your logs to ship to Logstash, continue to use Device42 as usual. You’ll still be able to view your logs from within the Device42 UI just like you always have!
When you configure Device42 to send logs to Logstash (the ELK Stack = Elasticsearch, Logstash, Kibana), your basic workflow remains unchanged!
Leverage the power of external SIEM, while all features within the Device42 interface continue to function as they always have.
Configuring external logging couldn’t be easier!
Getting your Device42 logs to LogStash couldn’t be easier! Head over to Tools → Webhooks → Actions, where you can configure one or more webhooks to push events to your Logstash instance!
We recommend you use logstash-input-http with webhooks. Learn more about configuring Logstash http in this blog post, and get more details in our SIEM / External Logging documentation.
Start correlating your Device42 Audit logs with the rest of your event data today!
If you aren’t already a Device42 user, download a free 30-day trial NOW!
For documentation on setting up the Logstash integration, see our documentation here.
If you run into any unexpected behavior, bugs, or otherwise have questions, comments, or feature requests, feel free to reach out to [email protected]