The objective of this project is to develop log processing and analysis facilities to support common working practices in the review of logs within the Enterprise Services and CIS teams. The proposed solution is an integrated environment built around the LogStash Indexer and ElasticSearch products.
Additional documentation can be found on the project SharePoint site.
The initial log feeds to be integrated into the production service, to be used by the Unix, Windows and network teams, are:
- Wi-Fi VPN Radius logs
- Central authorisation service LDAP logs
- EASE Kerberos KDC logs
- EASE co-sign logs
- EASE Apache logs
- Shibboleth IDP logs
- Shibboleth Apache/Tomcat logs
- Mail relay mail logs
- Active Directory authentication logs
- Web proxy cache Squid logs
- Web proxy cache Apache logs
- Linux/Solaris server messages logs
Current project status
Report Date | RAG | Budget | Effort Completed | Effort to complete |
---|---|---|---|---|
July 2018 | BLUE | 70.0 days | 74.0 days | 0.0 |