These are fascinating times we find ourselves in as security professionals, never has there been so much information at our fingertips on how to do our jobs in creative and outside the box ways! It’s literally like being Neo in the Matrix, you can find and follow bona fide rockstars such as Matt Graeber, Will … Continue reading 3 Steps to Improve Your Security

In this post we are going to install Logstash to finish up our Elasticsearch server. So let's start. First thing we will do is install Logstash. sudo apt-get update && sudo apt-get install logstash Now we will create our Logstash configuration file to be able to receive event logs from our Windows endpoints with Winlogbeat … Continue reading Elasticsearch Stack Install Part 3 Logstash

So we will be picking up where we left off. We have already installed Elasticsearch so if you have not completed that step yet, Part 1 is here. On with Kibana... Step 1 Install Kibana: sudo apt-get update && sudo apt-get install kibana Next we will connect the server to our localhost like we did with Elasticsearch. … Continue reading Elasticsearch Stack Install Part 2 Kibana

So in this blog post I am going to start a series of posts dealing with installing the Elasticsearch stack and then using Winlogbeat to forward Windows event logs and Filebeat to forward bro logs and then finally we will build out some cool visualizations and dashboards. I will be installing the Elasticsearch stack on … Continue reading Elasticsearch Stack Install Part 1 Elasticsearch