4

I'm using UniFi manager to manage 10+ sites with 3-5 hotspots per site, and I look for more detailed statistics that the one offered by UniFi manager, such as:

  • following an user through different APs
  • number of total connections
  • all other stuff that would be interesting/meaningful for my clients who invested in these hotspot

The data exists, as I have huge logs, but i can't find a system that'll give me these consolidated stats, that quite a shame because everything else works perfectly with UBNT hardware.

Do you know any piece of software that might help me with that?

HopelessN00b
  • 53,385
  • 32
  • 133
  • 208
Rob
  • 141
  • 1
  • 3

1 Answers1

1

I'm about to implement OSSEC, more than likely in concert with Logstash and Elasticsearch.

I intend to use it to aggregate all kinds of log data from our network, from workstations, servers, a few appliances, and hopefully including the logs from our UniFi AP's. I have the UniFi controller running on an Ubuntu virtual machine. So while I cannot definitively claim this will accomplish exactly what you want, I sure hope it can do something pretty close...

Here's an interesting article.

Briefly from that article: "At this point you are able to collect OSSEC alerts and query them with the Elasticsearch RESTful API. But Elasticsearch provides a web console called Kibana which enables you to build consoles that post queries automatically to your Elasticsearch backend...."

The general notion is that OSSEC would detect events in your logs that you care about and direct those to Logstash (aggregation), Logstash looks like a syslog server, but with filtering and forwarding abilities. So Logstash would massage the data a little and relay it into Elasticsearch where it becomes indexed and searchable. Then the Kabana browser GUI is supposed to make the rest more or less enjoyable. Just a thought...

Craig Tullis
  • 488
  • 3
  • 14