-
Download the
docker-compose
file -
Create the
data
folder. -
Start the docker stack:
sudo docker compose up -d
-
Go to kibana web interface through
http://127.0.0.1:5601
-
Click on
Explore on my own
andDiscover
-
Finally create index pattern
dnscollector
and choosednstap.timestamp-rfc33939ns
-
Finally, run DNScollector from source and generate some DNS logs from your DNS server with DNStap protocol.
go run . -config docs/_integration/elasticsearch/config.yml