Best Beats for Security Analytics and login checks

I am having the following platform
OS - centos 7.4
ES - 6.2
Logstash - 6.2
Kibana - 6.2

Currently Iam using Packetbeat,filebeat and metricbeats in my clients. May I know whats the best beat that I can use in case I need to log the logins to my clients and the command execution logs.

Thanks in advance

Auditbeat is a Beat intended for auditing actions and processes on your systems (as the name suggests). You can check it out here:

Also, enabling system module of Filebeat collects the logs including login events. See more here:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.