{{home}}
Parse and search AWS Application Load Balancer logs using logstash grok filters.
{{start}}
docker-compose -f docker-compose.yml -f alb-json-log.yml up -d --build
echo "Open http://${MYHOSTNAME}:8086/docs/alb.md in your browser to view these instructions."
- See
alb-json-log.yml
- See
logstash/logstash_alb.conf
- See
data/2_sample/alb.log
- The comments link to an article illustrating how to construct a grok filter for these AWS logs
- Navigate to the OpenSearch Dashboard Discover Page
- Credentials:
admin:admin
- If prompted, choose the "Global" tenant
- Note that the date has been set to roll back to April 2023
- Note the designated search and the selected desplay fields
- Credentials:
{{stop}}
docker-compose -f docker-compose.yml -f alb-json-log.yml down --volume