Cool Solution - Kibana
From Univention Wiki
Kibana is a data visualization tool which allows you to view the content of your Elasticsearch database. It is especially useful for viewing aggregated log files and metrics of your domain.
Kibana uses Elasticsearch as a backend. Please install Elasticsearch according to our article. We assume that the repository from that article is already set up.
Install sudo from the Univention Repository
Kibana uses the same repositories as Elasticsearch, so it can be installed directly.
apt-get update && apt-get install kibana
Start Kibana automatically
update-rc.d kibana defaults 95 10
service kibana start
Open the Firewall Ports
To access Kibana, you need to open the port in the firewall. Set the respective UCR variables to open them:
ucr set security/packetfilter/tcp/5601/all=ACCEPT
service univention-firewall restart
Most default values for Kibana are sufficient. However, to access it remotely, the server name has to be set. Open the config file:
nano /etc/kibana/kibana.yml
Find the line starting with
#from the beginning of the line and replace the value with the actual server name. Close the editor with CTRL+w CTRL+x.
Restart Elasticsearch and Kibana
service elasticsearch restart
service kibana restart
You can access Kibana using the name of your server and port 5601. For the first login, use the username elastic and the password changeme.
Afterward, set the Discovery patterns in the web interface according to the Beats in use and configure the matching visualization.
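A post-setup check for the configuration above, as an added example that is not part of the original wiki page: it reports whether TCP port 5601 is accepted from all sources and whether the default password changeme is still present in kibana.yml. The setting names server.host and elasticsearch.password, the host ucs.example.test and the sample input are assumptions constructed for this example.

```sh
# Added example, not from the wiki page. Inputs are text files so it runs offline;
# on a UCS host pass `ucr dump` output and /etc/kibana/kibana.yml.
# Assumed Kibana setting names: server.host, elasticsearch.password.
# fw_sources PORT: stdin is "key: value" lines; prints sources set to ACCEPT.
fw_sources() {
    awk -v p="$1" -F': *' '
        index($1, "security/packetfilter/tcp/" p "/") == 1 && $2 == "ACCEPT" {
            n = split($1, part, "/"); print part[n]
        }'
}

# yaml_value FILE KEY: value of an uncommented top-level KEY; returns 1 if absent.
yaml_value() {
    awk -v k="$2" '
        index($0, k ":") == 1 {
            v = substr($0, length(k) + 2)
            gsub(/^[ \t]+|[ \t]+$/, "", v); gsub(/^"|"$/, "", v)
            print v; found = 1; exit
        }
        END { exit !found }' "$1"
}

# audit_kibana UCR_DUMP KIBANA_YML PORT: prints findings, returns the WARN count.
audit_kibana() {
    warn=0
    if fw_sources "$3" < "$1" | grep -qx all; then
        echo "WARN tcp/$3 accepts connections from all sources"; warn=$((warn + 1))
    fi
    if host=$(yaml_value "$2" server.host); then
        echo "INFO Kibana binds to $host"
    else
        echo "INFO server.host not set, Kibana keeps its default bind address"
    fi
    if [ "$(yaml_value "$2" elasticsearch.password)" = changeme ]; then
        echo "WARN kibana.yml still contains the default password"; warn=$((warn + 1))
    fi
    return "$warn"
}

# Constructed sample input mirroring the configuration this page produces.
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'security/packetfilter/tcp/5601/all: ACCEPT' > "$d/ucr"
    printf '%s\n' '#server.port: 5601' 'server.host: "ucs.example.test"' \
        'elasticsearch.password: "changeme"' > "$d/kibana.yml"
    rc=0; audit_kibana "$d/ucr" "$d/kibana.yml" 5601 || rc=$?
    rm -rf "$d"; return "$rc"
}

demo || echo "$? finding(s)"
```

A non-zero return from audit_kibana is the number of WARN lines, so it can gate a configuration-management run.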