idh Logging-Framework (ILF for short)
For collection, storage and evaluation of log data.
Our solution is highly available, stable and performant, and is based on selected open source components. It is suited to environments from the SME up to the large enterprise.
All components that we have packaged are freely available in our repository.
We care that the versions used work together, so our stack is not on the bleeding-edge versions but on versions selected for each release.
Our packages are built for RPM systems (currently RHEL 7 / CentOS 7), but all other systems (Windows, Linux, Unix, Mac, etc.) can also be connected to the ILF stack.
We build our solution so that an expansion of the environment is quick and uncomplicated. By adding an additional VM, the solution scales even under heavy load.
All components used in our stack have been in use for several years, so our expertise in these areas is very high. We also recommend optimizing your log costs, for example for commercial solutions that have a cost model based on data throughput.
Used components for ILF (components can be replaced by others):
Rsyslog: The default log source for ILF is rsyslog, because rsyslog is present by default on all systems. Of course, other sources can be used.
Logstash: The logic for handling logs lives in Logstash, where filters can be defined and data can be enriched or encrypted.
Kafka: The data hub and the heart of the ILF. Kafka accepts data in all formats and from all sources (producers) and passes it on to 1 to n consumers. This enables team-wide use of data, for example security evaluations across all operating system logs in a company.
Zookeeper: This component manages the cluster functions in the ILF and guarantees a highly available environment.
Elasticsearch: A fast and stable database with which we have had very good experience.
Kibana: A very powerful frontend used to visualize the collected data.
Samples: We have a large number of templates that have already been implemented in customer environments. These are also available for free.
One of the key points for a centralized logging infrastructure is to think about data sharing, provisioning and security in advance. We took all of these considerations into account when implementing our environment and are constantly improving it, so that our solution is used in industry, in the financial sector and in education.
Here are some examples of dashboards.
Authentication & Security
Tel. +41 52 366 39 01
Fax +41 52 366 39 05