DShield Sensor JSON Log to Elasticsearch, (Sat, Jan 21st)
Malware Analysis, News and Indicators - Latest topics malware.news
My current project has been to rebuild my home DShield sensor from a Raspberry Pi to an Ubuntu 20.04.5 LTS server to be able to process my sensor logs into Elasticsearch. I use as a guide the example listed here (my ELK is version 8.x) sending the cowrie.json logs to a remote ELK server (version 8.4.1) using Filebeat and Logstash. However, my steps were a little different than the reference:
Article Link: https://isc.sans.edu/diary/rss/29458