A lightweight PoC to demonstrate OpenSearch capabilities for logging with:
- vector (Logstash/Fluentd/Fluentbit alternative) as centralized analyser;
- redpanda (Kafka) as stream for durability;

Use cases:
- Collect access and app logs (tomcat, apache httpd, nagios)
- Collect network packet data (DNS, HTTP, ICMP, etc.) (packetbeat)
- Collect server metrics (metricbeat)

Transformations:
- Multiple parsing strategies: parsing syslog, common log, and regex for niche technologies.
- Redact sensitive data by using regex.
- SHA-3 hashing via `sha3`.
- Enrich data with GeoIP data.
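The transformations above, wired into one vector pipeline as an added example (this is not the PoC's own configuration): a `kafka` source reads from redpanda, a single `remap` transform tries the syslog and common-log parsers before falling back to a regex, redacts card-number-like strings, looks up GeoIP for the client address and replaces that address with its SHA3-256 digest, and the `elasticsearch` sink writes to OpenSearch. The broker address, topic, index name, GeoIP database path, endpoint and the nagios-style regex are assumptions.

```toml
# Added example, not the repository's own config. Hostnames, paths and the
# topic/index names below are assumptions; adjust them to the deployment.

[enrichment_tables.geoip]
type = "geoip"
path = "/etc/vector/GeoLite2-City.mmdb"   # assumed MaxMind database location

[sources.redpanda]
type = "kafka"
bootstrap_servers = "redpanda:9092"       # assumed broker address
group_id = "vector"
topics = ["logs"]                         # assumed topic

[transforms.parse]
type = "remap"
inputs = ["redpanda"]
source = '''
msg = string!(.message)

# Parsing strategy: syslog first, then common log, then a narrow regex for
# nagios-style "[epoch] TYPE: detail" lines. The first parser that succeeds
# wins; if none do, the raw message is kept as-is.
. = merge(., parse_syslog(msg)
        ?? parse_common_log(msg)
        ?? parse_regex(msg, r'^\[(?P<ts>\d+)\] (?P<type>[A-Z ]+): (?P<detail>.*)$')
        ?? {})

# Redact anything that looks like a 16-digit card number before it is indexed.
.message = redact(msg, filters: [r'\b\d{16}\b'])

# parse_syslog yields .hostname, parse_common_log yields .host; normalise to .host.
if !exists(.host) && exists(.hostname) { .host = del(.hostname) }

# Enrich with GeoIP, then pseudonymise the address: the SHA3-256 digest stays
# joinable across events without exposing the original value in the index.
if exists(.host) {
  .geo = get_enrichment_table_record("geoip", {"ip": .host}) ?? {}
  .host = sha3(string!(.host), variant: "SHA3-256")
}
'''

[sinks.opensearch]
type = "elasticsearch"                    # vector's ES sink also speaks to OpenSearch
inputs = ["parse"]
endpoints = ["https://opensearch:9200"]   # assumed endpoint
api_version = "v7"
bulk.index = "logs-%F"                    # assumed daily index pattern
```

Order matters here: redaction runs before the hashed address and GeoIP fields are added, so nothing that reaches the sink still carries the raw value.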