Security monitoring log management-describe logstash,kibana,elastic slidshare
5 likes655 views
The document discusses the ELK stack (Elasticsearch, Logstash, and Kibana), its implementation, and its significance in log management and analysis. It presents the need for log analysis, the architecture of Logstash, and the benefits of using the ELK stack for visualizing and processing logs. Additionally, it provides resources for further reading and examples of Logstash applications.
Security monitoring log management-describe logstash,kibana,elastic slidshare
- 1. Security Event Monitoring,Log Management Describe: “LogStash,Elastic & Kibana" Present & Gathered by: Reza Adineh Cyber Security Specialist SOC Expert Forensic Researcher Contact me: https://ir.linkedin.com/in/rezaadineh Feb-2018
- 2. Module 1:Elastic: Product Portfolio
- 3. Phases : How to implement
- 5. Heart of ELK stack: Elasticsearch Based on Apache Lucene Shay Banon, Compass to Elasticsearch, released in 2010 In 2012 Elastic was founded in Amsterdam RESTful search & Analytics engine
- 6. The Journey of an Event in elastic:
- 8. Plugin Ecosystem: Rich Integration & Processing 200+ plugins Extensible framework to easily build your own plugin Logstash Plugins Maintainer Program
- 10. Module 2:What is ELK Stack ?
- 12. Need for log analysis Lets understand why do we need log analysis ?
- 13. Needs for Log analysis
- 16. Problems with log analysis Lets understand what problems occurred with log analysis ?
- 22. Lets now understand what exactly is ELK Stack.
- 23. Elastic Search
- 27. LogStash
- 28. Kibana
- 30. How exactly ELK Stack works ?
- 31. Many Companies use ELK Stack
- 32. Visualizing logs using ElasticSearch, Logstach & Kibana & saving millions !
- 33. Keep a deeper look at Logs & how implement ElasticSearch, Logstach & Kibana Logs & Log structures:
- 35. A log is human readable … A human readable, machine parsable representation of an event.
- 36. Regex ?! How to parse logs ? OR Indexing & Labeling
- 37. Thinking open source : Logstash Graylog Logalyse Scribe Hadooooop Did you like it ? Lets look at Logstash …
- 42. Summary of Log’s Lifecycle:
- 43. Lets look at some examples:
- 49. Kibana custom dashboards :
- 52. Already have central Rsyslog/SyslogNg Server ?
- 53. Also you can use it as Central Syslog Server It is too good for Appliances
- 54. Use matching input & outputs to Sendfile contents to another log stash for processing.
- 60. Further reading on : logstash.net logstashbook.com Juju charms.com/charms/precise/logstash-indexer Logstash puppet module(github/electrical)
- 61. Any question ? Contact me: https://ir.linkedin.com/in/ rezaadineh