1. Security Event Monitoring, Log Management
Describe:
“LogStash, Elastic & Kibana”
Present & Gathered by:
Reza Adineh
Cyber Security Specialist
SOC Expert
Forensic Researcher
Contact me:
https://ir.linkedin.com/in/rezaadineh
Feb-2018
5. Heart of ELK stack: Elasticsearch
Based on Apache Lucene
Shay Banon: from Compass to Elasticsearch, released in 2010
In 2012 Elastic was founded in Amsterdam
RESTful search & analytics engine
12. Need for log analysis
Let's understand why we need log analysis.
16. Problems with log analysis
Let's understand what problems occur with log analysis.
33. Take a deeper look at logs & how to implement
Elasticsearch, Logstash & Kibana
Logs & Log structures:
35. A log is human-readable …
A human-readable, machine-parsable representation of an
event.
37. Thinking open source :
Logstash
Graylog
Logalyse
Scribe
Hadoop
Did you like it?
Let's look at Logstash …
53. You can also use it as a central syslog server
It is very good for appliances
60. Further reading:
logstash.net
logstashbook.com
Juju: jujucharms.com/charms/precise/logstash-indexer
Logstash Puppet module (github/electrical)