Hi so i am studying and using Kibana open source and wanted to know whether kibana open source by default creates hashes of files ? The document of elastic says that it does use SHA256, SHA-1 & MD5 but as per the auditbeat logs there were no hashes found.
I have tried searching it but got no luck. would really appreciate if someone can explain it. thank you in advance
Hi, to clarify, you are using Auditbeat? The file integrity module from Auditbeat, or something else?
In case of FIM, see the hashes_type setting here: https://www.elastic.co/guide/en/beats/auditbeat/current/auditbeat-module-file_integrity.html The default is SHA1 but others can be enabled.
yes using Auditbeat. so apart from just monitoring the logs it also calculates hash as well !
© 2018. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.