Hello,
I am trying to develop something like the Hunting ELK, or HELK, which can be found on GitHub. The final project should handle phishing emails in some way.
For the first step I need to somehow get the emails to some kind of logging, so I can then get them into the ELK stack for further analysis.
Is there any way for Filebeat to perform such a task, or is there any tool to automatically export emails to a log file that Filebeat will read from?
I am new to the ELK stack, so any relevant information will be appreciated.
Thanks.