If you have been playing with Forcepoint™ firewalls, you know that traffic logs can be browsed and searched through their central management console (SMC).
If you work with packet captures on a regular basis, you have probably already wondered whether it is possible to quickly identify what generates the most traffic, how much data was transferred, and so on.
The idea is to explore the use of Elasticsearch to index live monitoring events coming from various sources.
One of our customers recently asked us to set up the Nagios plugin check_esxi_hardware.py by Claudio Kuenzler on their CentOS 6 monitoring server.