We require automation for Ingest pipelines / dashboard builds, for:
• WatchGuard firewalls
Dashboards should be designed to show the most valuable insights as intuitively as possible. The WatchGuard website has the syslog information.
The finished module will consist of:
• Kibana JSON objects for index-pattern, visualizations and dashboards
• Logstash pipeline configuration (or Elasticsearch ingest pipeline, but Logstash is preferred)
• Elasticsearch index template
• Data source(s), one or more of:
- API connector in Python or Golang
- Custom beat implementation based on libbeat
- Logstash input plugin in Ruby
Artefacts should be amenable to centralised management/deployment with Ansible, whether through templated Logstash/Beats configuration or POSTing to the Kibana saved objects API. All work must be compatible with ELK 7.1.1-oss. Where existing code is leveraged, it should be BSD / Apache licensed or similar. GPL-type licenses are acceptable if necessary but must be isolated. Proprietary-licensed code, e.g. code under the Elastic License, must not be used.
I'm an ELK engineer for a reputed telco company in the world. I'm currently working on the ELK stack, so I have a proper understanding of how to complete your task.