- Running ELK 6.8.8 on premises
I was not sure if this topic would fit better in Logstash or Kibana, so I decided on ELK, which is above both. Please forgive me if this should go to a different section.
I am looking for a way to import data from different platforms to be processed in ELK and displayed in Kibana. Of course, I know about Beats and have even tried some, but I have not achieved my goal. I still have a lot to learn, or maybe it is not the best way to achieve what I need in each case:
- Import data from the most popular antivirus products. For example, knowing for each endpoint whether the AV is on / off, updated or not.
- Import data from the most popular firewalls. In this case I suppose I am interested in traffic logs, or if any rule was added / modified.
- Import data from vulnerability assessment software such as Nessus or OpenVAS. In this case, I am interested in being able to import the reports after completing a scan.
Any mechanisms or ideas I could use?