Hi,
I am having the following platform
OS - centos 7.4
ES - 6.2
Logstash - 6.2
Kibana - 6.2
Currently Iam using Packetbeat,filebeat and metricbeats in my clients. May I know whats the best beat that I can use in case I need to log the logins to my clients and the command execution logs.
Thanks in advance
Vishnu
Auditbeat is a Beat intended for auditing actions and processes on your systems (as the name suggests). You can check it out here:
Also, enabling system module of Filebeat collects the logs including login events. See more here: https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-system.html
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.