Additional data to be processed and displayed in ELK

  • Running ELK 6.8.8 on premises

Hi,

I was not sure if this topic would fit better in Logstash or Kibana, so I decided on ELK, which is above both. Please forgive me if this should go to a different section.

I am looking for a way to be able to import data from different platforms to be processed in ELK and displayed in Kibana. Of course, I know about the beats and have even tried some, but I have not achieved my goal. I still have a lot to learn or maybe it is not the best way to achieve what I need in each case:

  • Import data from the most popular antivirus. For example, knowing for each endpoint whether the AV is on / off, updated or not.
  • Import data from the most popular firewalls. In this case I suppose I am interested in traffic logs, or if any rule was added / modified.
  • Import data from vulnerability assessment software such as Nessus or OpenVAS. In this case, I am interested in being able to import the reports after completing a scan.

Any mechanisms or ideas I could use?

Thank you
