From the course: Complete Guide to Open Source Security
Installing the ELK Stack SIEM
- [Instructor] One of the major tasks in cyber defense is monitoring for attacks. In this section we'll check out what is known as a security information and event manager, or SIEM, which we use for centralized monitoring of logs. The first of two security information and event managers that we'll look at is a tool called ELK Stack. The name ELK Stack comes from the three original components that make up the SIEM: the Elasticsearch database, the Logstash log management system… We won't be installing Logstash, as we can collect the logs directly into the Elasticsearch database, but we'll still refer to our SIEM as ELK Stack. The purpose of this system is to collect logs, which record events that have happened on a host, and to be able to search these logs to find any unusual activity or to match them against known attack logs so that we can be alerted if an attack is taking place. I've cloned the Kali Purple template and now have the ELK Stack server on 192.168.1.102. So let's install…
Contents
- Installing the ELK Stack SIEM (8m 19s)
- Upgrading Kibana to HTTPS (5m 39s)
- Configuring log integrations (3m 48s)
- Installing the Fleet server (2m 51s)
- Enrolling hosts into the Fleet server (6m 58s)
- Enhancing your logs (9m 19s)
- Detecting reconnaissance with the ELK Stack (7m 20s)
- Detecting exploitation with the ELK Stack (4m 56s)
- Monitoring alerts with the ELK Stack (4m 39s)