Logstash Event Enrichment: Fast and Flexible

Logstash comes with a large and vibrant plugin eco-system. This includes a number of plugins that are often used to enrich events with additional information, especially for network or security related data feeds. It is however not always easy to decide which plugins are most appropriate for a specific use-case.

Guy Boertje and Christian Dahlqvist present use-cases, best practices and practical tips for these plugins, that will allow you to add a number of useful plugins to your Logstash plugin toolbelt.

Highlights include:

  • Flexible enrichment using the translate plugin
  • Adding data from relational databases and Elasticsearch
  • Enriching network data

Related Resources:

Guy Boertje

Christian Dahlqvist

Solutions Architect

Elastic

Register to watch

You'll also receive an email with related content