Metricbeat is a lightweight shipper that you can install on your servers to periodically collect metrics from the operating system and from services running on…
ELK Stack processes events from a device via SNMP traps sent by the device. Configuring SNMP Server to send Threat based SNMP traps from McAfee…
Setting up a Zero Cost Threat Hunting Platform with Elastic Stack and Alienvault Reputation List Elastic Stack is an awesome suite of products used for…
Search Guard Installation and Concepts Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorization and can be used to secure…
The Elastic Stack is becoming increasingly popular for security analytics with any form of log input. In this post, we learn about how ELK can…
Event logs are a valuable source of information in detecting and investigating security incidents. As part of regulatory requirements, many companies collect and store…
Logstash is a useful tool for processing log files that accepts data from multiple sources and in different formats. Logstash easily processes text-based logs and sends…
Elasticsearch Curator helps to curate, or manage, the Elasticsearch indices and snapshots by getting the full list of indices from the Elasticsearch cluster as actionable…
Beats Beats are lightweight data shipping agents installed on machines to send data to Logstash or Elasticsearch. Beats installed on multiple machines help to centralize…