I am a complete beginner with ELK and am just going through the documents. I am a network administrator and manage Firewalls, Proxy, and dozens of Linux servers comprising DNS, Reverse Proxy, Web servers and many others.
I am keen on ELK as a log management solution and on creating those dashboards. Can someone please help me with getting started? I do have many questions and hope you guys don't mind answering them.
Is there any basic tutorial available for gathering logs from Firewalls, Linux servers, Windows Desktops/Servers and creating dashboards in Kibana from a security perspective?
For files, on any OS, check out filebeat. For Windows event logs, winlogbeat. For network devices it'll depend on how they do logging; if they can send via rsyslog then you can use Logstash to receive them.
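A minimal Logstash pipeline for the syslog part of this answer, added here as an example and not taken from the original thread. It assumes Logstash listens on 5514/udp and tcp, Elasticsearch runs on localhost:9200, and the firewall sends key=value pairs under the program name "firewall" (all three are placeholders to adjust).

```conf
# Receive syslog from firewalls and Linux hosts, parse the RFC 3164 header,
# and index into Elasticsearch. Port, hosts and the "firewall" program name
# are assumptions for this example, not values from the original post.
input {
  udp { port => 5514 type => "syslog" }
  tcp { port => 5514 type => "syslog" }
}

filter {
  # Header: <PRI>MMM dd HH:mm:ss host program[pid]: message
  grok {
    match => { "message" => "^(?:<%{NONNEGINT:syslog_pri}>)?%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_host} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
    # Keep non-standard messages, but flag them so a dashboard can show parse failures
    tag_on_failure => ["_syslog_unparsed"]
  }

  # Expand the numeric <PRI> into facility and severity labels
  syslog_pri { }

  # Use the device's own timestamp as @timestamp (two layouts cover single/double-digit days)
  date {
    match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
  }

  # Many firewalls log fields as "action=deny src=... dst=..."; split them into fields
  # so Kibana can aggregate on action, source and destination
  if [syslog_program] == "firewall" {
    kv { source => "syslog_message" }
  }
}

output {
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "syslog-%{+YYYY.MM.dd}"
  }
}
```

Point rsyslog or the firewall's remote-syslog setting at the Logstash host on 5514 and build Kibana visualisations on syslog_host, syslog_severity and the kv fields; the `_syslog_unparsed` tag shows which devices still need a custom grok pattern.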