Setting up a Zero Cost Threat Hunting Platform with Elastic Stack and Alienvault Reputation List Elastic Stack is an awesome suite of products used for…
Search Guard Installation and Concepts Search Guard is an Open Source Elasticsearch plugin that offers encryption, authentication, and authorization and can be used to secure…
Wazuh is a popular open source security detection, visibility, and compliance project which was born as a fork of OSSEC HIDS, and integrates with Elastic…
The Elastic Stack is becoming increasingly popular for security analytics on any form of log input. In this post, we learn about how ELK can…
Logstash is a useful tool for processing log files that accepts data from multiple sources and in different formats. Logstash easily processes text-based logs and sends…
Elasticsearch Curator helps to curate, or manage, the Elasticsearch indices and snapshots by getting the full list of indices from the Elasticsearch cluster as actionable…
Beats Beats are lightweight data shipping agents installed on machines to send data to Logstash or Elasticsearch. Beats installed on multiple machines help to centralize…
USB storage devices are commonly used in almost all organizations to store or transfer data. These devices act as the primary sources of malware or…
Grok is a filter used by Logstash to parse unstructured data into a structured format that is queryable by Elasticsearch. Logstash comes with almost 120 patterns…