Filebeat for Emails

Kostas_Gush · May 5, 2019, 9:09am

Hello,

I am trying to develop something like the Hunting ELK, or HELK, which can be found in github. The final project should handle in some way phishing emails.

For the first step I need to somehow get the emails to some kind of logging, so I can then get them into the ELK stack for further analysis.

Is there any way for filebeat to perform such a task, or is there any tool to automatically export emails to a log file that filebeat will read from?

I am new to the ELK stack, so any relevant information will be appreciated.

Thanks.

warkolm · May 5, 2019, 9:12am

Logstash might be more what you want there, it has an imap input.

system · June 2, 2019, 9:17am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Filebeat stopping randomly - Any way to send an email when logs are incomplete? Beats filebeat	1	182	July 4, 2022
Filebeat module + log tracking Logstash elastic-stack-monitoring	2	287	June 26, 2019
Filebeat collects logs prior to deployment of ELK Beats filebeat	13	1389	September 18, 2018
Alternative for Filebeat Beats filebeat	1	735	August 8, 2019
Monitore mikrotik router logs with ELK Beats filebeat , metricbeat	3	1887	April 5, 2021

Filebeat for Emails

Related topics