3. Example

A Step by step Example

It is possible to create random logs to test the project just by running the commands above.

First of all, it is necessary to up the main container, the proxy server and Kibana if you want to visualize the data on Elasticsearch:

sudo docker-compose up -d buffalogs nginx kibana

Then, load the Elastic Common Schema template with:

buffalogs_module/config/elasticsearch$ ./load_templates.sh

At the end, you have to create the random test data launching the Python script from the buffalogs_module/examples folder:

python random_example.py

Now, you can see the logs data newly uploaded at localhost:5601

buffalogs_example_kibana_page

At this stage, it is your choice to run the application manually or automatically (using Celery).

Running Manually

To run the application manually, launch the command above from buffalogs_module/buffalogs:

python manage.py impossible_travel

Running Automatically

To run it in an automated way, just start up all the tools with:

sudo docker-compose up -d

The previous command will start up the remaining containers. In particular, this will activate Celery and Celery Beat, respectively the distributed task queue and the scheduler.

Results

In both cases, the results are available at localhost:80

Dashboard Page

buffalogs_dashboard_screenshot

Users Page

buffalogs_users_page

All Logins associated to the user

buffalogs_all_logins_page

Unique Logins

Just the details of the logins with different user agents or countries buffalogs_unique_logins_page

Alerts related to the user

buffalogs_alerts_page

Provide feedback

Saved searches

Use saved searches to filter your results more quickly