ELK Stack Setup with Alerts and Rules Feature Enabled: Complete Walkthrough

In this video guide I show how to set up the Elastic Stack (Elasticsearch + Kibana + Logstash) on an Ubuntu 20 server virtual machine. A SIEM without a correlation/rules feature is of little use on its own, so I also show how to enable the Alerting/Rules functionality of Elastic SIEM.

Once everything is configured, don't forget to set the passwords of the built-in accounts and make sure they match the credentials in the configuration files shown in the video (Kibana and Logstash authenticate to Elasticsearch with those accounts, so a mismatch leaves them unable to connect). To set the built-in user passwords (elastic, kibana_system, logstash_system and the others), run:
sudo /usr/share/elasticsearch/bin/elasticsearch-setup-passwords interactive
Two caveats: the command only works while security is enabled (xpack.security.enabled: true in elasticsearch.yml) and the elastic user still has its bootstrap password, so it is a one-time bootstrap step; later changes go through the Kibana UI or the _security/user/<name>/_password API. On Elasticsearch 8.x the tool is deprecated in favour of elasticsearch-reset-password.

Then use the elastic user's credentials to log in to the Kibana UI. elastic is a superuser, so use it for the initial setup and create a less-privileged account for day-to-day analyst work. Congratulations, now on to rule correlation!
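The following script is an added example, not code from the video. It covers the two steps above that the video does by hand: rotating a built-in user's password through the Elasticsearch security API and writing the same value into kibana.yml so the two stay in sync, and writing the settings that Kibana 7.x alerting/rules depends on (API keys enabled on the Elasticsearch side, a saved-objects encryption key on the Kibana side). The Elasticsearch 7.x version, the http://localhost:9200 endpoint, the ELASTIC_PASSWORD environment variable and the package config paths are assumptions.

```shell
#!/bin/sh
# Added example (not from the video). Assumes Elasticsearch 7.x with
# xpack.security.enabled: true at http://localhost:9200, the 'elastic'
# superuser password exported in $ELASTIC_PASSWORD, and the default
# Debian/Ubuntu package paths for the YAML files. Run as root.
set -eu

ES_URL="${ES_URL:-http://localhost:9200}"
ES_YML="${ES_YML:-/etc/elasticsearch/elasticsearch.yml}"
KIBANA_YML="${KIBANA_YML:-/etc/kibana/kibana.yml}"

# Escape backslash and double quote. The same escaping is valid for JSON
# strings and YAML double-quoted strings, so awkward passwords survive both.
dq_escape() { printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'; }

# JSON body for POST /_security/user/<name>/_password.
password_body() { printf '{"password":"%s"}' "$(dq_escape "$1")"; }

# Replace (or append) one top-level 'key: value' line in a YAML file.
# Commented-out lines such as '#key: ...' are left untouched, and the value
# is written verbatim, so callers quote strings themselves.
set_yaml_key() {
  file="$1"; key="$2"; value="$3"
  tmp="${file}.tmp.$$"
  found=0
  while IFS= read -r line || [ -n "$line" ]; do
    case "$line" in
      "${key}:"*) printf '%s: %s\n' "$key" "$value"; found=1 ;;
      *)          printf '%s\n' "$line" ;;
    esac
  done < "$file" > "$tmp"
  [ "$found" -eq 1 ] || printf '%s: %s\n' "$key" "$value" >> "$tmp"
  mv "$tmp" "$file"
}

# Change a built-in user's password via the security API, authenticating as
# elastic. -f makes curl fail (and set -e stop the script) on an HTTP error.
reset_password() {
  curl -sS -f -u "elastic:${ELASTIC_PASSWORD}" \
    -H 'Content-Type: application/json' \
    -X POST "${ES_URL}/_security/user/$1/_password" \
    -d "$(password_body "$2")"
}

# Rotate kibana_system and keep kibana.yml in sync; restart Kibana afterwards.
rotate_kibana_system() {
  reset_password kibana_system "$1"
  set_yaml_key "$KIBANA_YML" elasticsearch.username '"kibana_system"'
  set_yaml_key "$KIBANA_YML" elasticsearch.password "\"$(dq_escape "$1")\""
  echo "kibana_system rotated; run: sudo systemctl restart kibana"
}

# Settings Kibana 7.x alerting needs: security and API keys on the
# Elasticsearch side, and a 32+ character encryption key for encrypted saved
# objects on the Kibana side. Back the key up: without it, the credentials
# stored inside existing rules can no longer be decrypted.
enable_alerting_prereqs() {
  key=$(head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n')  # 64 hex chars
  set_yaml_key "$ES_YML" xpack.security.enabled true
  set_yaml_key "$ES_YML" xpack.security.authc.api_key.enabled true
  set_yaml_key "$KIBANA_YML" xpack.encryptedSavedObjects.encryptionKey "\"$key\""
  echo "prerequisites written; run: sudo systemctl restart elasticsearch kibana"
}

# Usage: ./elk-helper.sh rotate 'NewKibanaSystemPassword'
#        ./elk-helper.sh alerting
case "${1:-}" in
  rotate)   rotate_kibana_system "$2" ;;
  alerting) enable_alerting_prereqs ;;
esac
```

The YAML writer deliberately matches only uncommented top-level keys, so the `#elasticsearch.password:` placeholder that ships in kibana.yml is left alone and a real line is appended instead; running the script twice updates the line in place rather than duplicating it.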

#dfir #elasticsearch #siem #cybersecurity #blueteam

I hope you like this video. Please like, share and subscribe to support me in making more of this; it is my pleasure to contribute back to the community through these channels.
Come follow me on my other channels. Thanks a bunch!
