Versions Compared

Old Version 63

changes.mady.by.user Sokol Gjeçi

Saved on

compared with

New Version 64

changes.mady.by.user Sokol Gjeçi

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
firewall-cmd --zone=wifimon --list-ports 
5044/tcp
firewall-cmd --zone=wifimon --list-sources
10.10.10.111/32 10192.10168.101.15/32


Note
titleNOTE

In the configuration of Logstash firewall, 10.10.10.111 and 10192.10168.101.15 are the IPs of the servers where Filebeat agents are installed. For the other components, their IPs are described at 04 Streaming Logs Into ELK Cluster section.

...

Code Block
title/tmp/sample_logs_output.json
{"@timestamp":"2020-06-28T13:07:37.183Z","@metadata":{"beat":"filebeat","type":"_doc","version":"7.8.0"},"logtype":"radius","message":"Sun Mar 10 08:16:05 2019\n\tService-Type = Framed-User\n\tNAS-Port-Id = \"wlan2\"\n\tNAS-Port-Type = Wireless-802.11\n\tUser-Name = \"username@example.org\"\n\tAcct-SessionId = \"82c000cd\"\n\tAcct-Multi-Session-Id = \"CC-2D-E0-9A-EB-A3-88-75-98-6C-31-AA82-C0-00-00-00-00-00-CD\"\n\tCalling-Station-Id = \"88-75-98-6C-31-AA\"\n\tCalledStation-Id = \"CC-2D-E0-9A-EB-A3:eduroam\"\n\tAcct-Authentic = RADIUS\n\tAcctStatus-Type = Start\n\tNAS-Identifier = \"Eduroam\"\n\tAcct-Delay-Time = 0\n\tNASIPtNAS-IP-Address = 192.168.0192.22111\n\tEvent-Timestamp = \"Mar 8 2019 08:16:05 CET\"\n\tTmpString-9 = \"ai:\"\n\tAcct-Unique-Session-Id = \"e5450a4e16d951436a7c241eaf788f9b\"\n\tRealm = \"example.org\"\n\tTimestamp = 1552029365"}

...