Filebeat for Emails


I am trying to develop something like the Hunting ELK, or HELK, which can be found in github. The final project should handle in some way phishing emails.

For the first step I need to somehow get the emails to some kind of logging, so I can then get them into the ELK stack for further analysis.

Is there any way for filebeat to perform such a task, or is there any tool to automatically export emails to a log file that filebeat will read from?

I am new to the ELK stack, so any relevant information will be appreciated.


Logstash might be more what you want there, it has an imap input.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.