Integrated Windows endpoint log management (Docker + ELK (Elasticsearch, Logstash, Kibana) + Winlogbeat based)
Updated Jan 17, 2024 - Shell
Winlogbeat installation for Windows Event Collectors (WEFCs)
Easy installation/update of Winlogbeat via Domain Controller and WinRM.
Chef LWRP for winlogbeat (shipper for Elasticsearch & Logstash)
Repo for maintaining Ansible playbooks
Sysmon logs from the Windows environment are received from a computer in another environment through Winlogbeat and Logstash, then stored in Elasticsearch and displayed in PyQt.
Materials and install scripts for my talk about getting your ETL flow under Statistical Process Control
Install/Configure Elastic Winlogbeat through Chef
Ansible role to install winlogbeat for security monitoring.
Program to send logfiles to ELK using winlogbeat.
Graylog extractor for Microsoft Teams Rooms Devices
Repository for custom applications that automate the downloading, installation, and running of various Beats into Vizion.ai Elasticsearch.
writeup about sending Logstash data to Splunk using the HTTP Event Collector
Burnham Forensics ELK Deployment Files
An Ansible role to install and configure Winlogbeat
Collector plugin for Graylog
[DEPRECATED] Elastic Beats Input plugin for Graylog
Universal Winlogbeat configuration
Threat Hunting with ELK Workshop (InfoSecWorld 2017)