Skip to content
This repository has been archived by the owner on Dec 6, 2023. It is now read-only.
/ ELK-forensics Public archive

ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)

License

Notifications You must be signed in to change notification settings

cvandeplas/ELK-forensics

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ELK-forensics

-- Note: This repository is not maintained anymore. --

ELK configuration files for Forensic Analysts and Incident Handlers.

For more information, screenshots and HOWTO's read:

How to use

 apt-get install git-core
 git clone https://github.com/cvandeplas/ELK-forensics

That will create a directory - ELK-forensics - holding the configuration files.

  • Open your Kibana web interface
  • Right upper corner, Load -> Advanced -> Browse
  • Load the desired json template(s)
  • Copy the .conf file to your /etc/logstash/conf.d directory
  • Restart the logstash service
  • Feed your logs

Make sure you also look at the documentation provided in the .conf files.

Do not hesitate to contribute ! All feedback is appreciated !

Thanks Christophe

License

About

ELK configuration files for Forensic Analysts and Incident Handlers (unmaintained)

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages