Improving Log Analysis with Device ID Ratios inside Elasticsearch

Overview Ratios Power Context - Log analysis is less about raw numbers than ratios. Ratios put numbers in context. A security analyst follows multiple ratios and gains a sense of what is a heal...
Published Jun 29, 2021
Version 1.0
ASM Advanced WAF
F5 Device ID+
security
series-device-id-plus
Patrick_Zoller's avatar
Patrick_Zoller
Icon for Employee rankEmployee
Jul 01, 2021

Hi Smith787, thanks a lot for your comment and feedback.

Need to check but as far as I remember I was using Version 7.11 if Elasticsearch with basic license to build those Visualizations as well as the Dashboards. All related Log information will be sent by the BIG-IP via HSL to a SyslogNG instance. I may will record a Video or write a second article on how I made the solution working. Again, thanks a lot for your feedback.