Previously I had written a guide on Creating a Single-Node ELK Stack, covering what to do when you want to create and utilize The Elastic Stack (formerly ELK) on a limited-capacity, single-node basis. When assisting my roommate in creating an ELK stack of his own, I realized I had not yet described the process … Continue reading Creating a Multi-Node ELK Stack
Tag: Kibana
Monitoring CentOS Endpoints with Filebeat + ELK
In some of my previous posts regarding ELK, we have touched upon numerous ways of sending data from Windows endpoints - however not from much else. In the real world, thankfully, not everything runs off Microsoft's Operating System. Not to hit Microsoft in any way, but for anyone who has experienced systems administration in regards … Continue reading Monitoring CentOS Endpoints with Filebeat + ELK
How to Install and Configure NGINX for Kibana
In one of my prior posts, I discussed the steps necessary to set up a Single-Node ELK Stack. If you were to follow this guide, Kibana, as it stands, would be accessible to anyone on your network over Port 5601 who knows its IP Address. For myself, I could always socially outcast my roommate if … Continue reading How to Install and Configure NGINX for Kibana
Creating a Single-Node ELK Stack
Building off my previous post, Introduction to ELK, I figured it would be great to begin to discuss how to create a "stack." I have created multiple different stacks in the past couple months, each with their own specific purpose. While the services within an ELK stack are meant to be spread across different nodes, building … Continue reading Creating a Single-Node ELK Stack
Introduction to ELK
For the Summer of 2018, I took an internship that allowed me to continue learning hands-on in the field of Digital Forensics while also exploring the work of a Security Operations Center (SOC) Analyst. For those who are unaware what this current position entails, as I was, CIS Security defines this position as someone who helps … Continue reading Introduction to ELK