Elasticsearch Ingest Data Ingesting Sysmon and Windows Defender logs into Elasticsearch Click on Add integrations Search “Windows” and you get We click on Custom Windows Event logs, to gather logs […]
We deploy a windows server as we did our Ubuntu server earlier. The difference is that this will not be in in VPC network, as defined in our Network diagram […]
Installing the Kibana application component We will install Kibana following the following steps Reload the systemctl daemon, enable the service, start the service and check the status of the […]
This challenge in aimed at gaining SOC (Security Operations Centre) analysis skills. I will be exploring different aspects of SOC operations and analysis –setting up the ELK (Elasticsearch, Logstash and […]