Hi Everyone!
This is my first blog. Please leave a comment or like for encouragement. I appreciate you. I will be posting another blog soon.
Elasticsearch-Kibana-Auditbeat Project
Last week, I was finally able to deploy my Elasticsearch-Kibana environment. It felt so good to finalize the project.
A few weeks ago, I installed Ubuntu 22.04 LTS. The plan was to install Kibana and explore the basic features of a SIEM. It has been such a pleasure and so much fun to work with my virtual friends and former co-interns Khadijah Nau and Simon Selasie Azanu.
From 08/11/22: 33 hits to 08/13/2022: 29443 hits🤔
The greatest lesson was that each failure encountered in a few steps pushed us to read, research, and troubleshoot our system. Truly, Google is “your ride and die” when trying to learn and figure out how to fix those types of issues, and we discovered many different ways to fix the issues that arose during the project.
Please take a look at the 59-second video that I put together. I would appreciate it if you left a like and/or comment. Also, check Khadijah Nau and Simon Selasie Azanu's pages to learn more about their experience. Teamwork is the best!
♦️Use the Debian package, the public signing key, and the necessary repository package
♦️Install Elasticsearch and configure the yaml file by setting up the cluster with the Ubuntu IP
♦️Check Elasticsearch status to ensure it is actively running
♦️Check to see if logs can be sent to the Elasticsearch server
♦️Install Kibana and configure the yaml file by uncommenting the Elasticsearch host and adding the same IP address
♦️Install Auditbeat and proceed to the file configuration
♦️Make sure that Kibana and the full templates are ready by setting up Auditbeat
Et Voilà! 👌🏾
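A quick way to confirm the configuration steps above agree with each other, as an added shell example that is not part of the original post: it checks that `network.host` in elasticsearch.yml, the uncommented `elasticsearch.hosts` in kibana.yml, and the `output.elasticsearch` hosts in auditbeat.yml all carry the same IP. The key names are the standard Elastic settings; the function names, the 192.168.56.10 address and the file contents are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): config consistency check.

# yaml_ip FILE SECTION KEY
# Prints the IPv4 address on the first uncommented "KEY:" line.
# SECTION "" means KEY is top-level; otherwise KEY must be indented under SECTION.
yaml_ip() {
  awk -v sec="$2" -v key="$3" '
    /^[^ \t#]/ { in_sec = (sec != "" && index($0, sec ":") == 1) }  # new top-level key
    {
      line = $0; sub(/^[ \t]+/, "", line)
      indented = (line != $0)
      if (index(line, key ":") != 1) next            # commented-out lines never match
      if ((sec == "" && indented) || (sec != "" && !(in_sec && indented))) next
      if (match(line, /[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/)) print substr(line, RSTART, RLENGTH)
      exit
    }' "$1"
}

# check_stack ELASTICSEARCH_YML KIBANA_YML AUDITBEAT_YML
# Returns 0 only when all three files point at the same IP address.
check_stack() {
  local es kb ab
  es=$(yaml_ip "$1" "" "network.host")
  kb=$(yaml_ip "$2" "" "elasticsearch.hosts")
  ab=$(yaml_ip "$3" "output.elasticsearch" "hosts")
  [ -n "$es" ] || { echo "elasticsearch.yml: no IP in network.host"; return 1; }
  [ -n "$kb" ] || { echo "kibana.yml: elasticsearch.hosts is commented out or has no IP"; return 1; }
  [ -n "$ab" ] || { echo "auditbeat.yml: no IP in output.elasticsearch hosts"; return 1; }
  if [ "$es" != "$kb" ] || [ "$es" != "$ab" ]; then
    echo "mismatch: elasticsearch=$es kibana=$kb auditbeat=$ab"; return 1
  fi
  echo "ok: all three files use $es"
}

# Constructed sample files; 192.168.56.10 is a made-up lab address.
demo=$(mktemp -d)
printf 'network.host: 192.168.56.10\nhttp.port: 9200\n' > "$demo/elasticsearch.yml"
printf '#server.host: "localhost"\nelasticsearch.hosts: ["http://192.168.56.10:9200"]\n' > "$demo/kibana.yml"
printf 'output.elasticsearch:\n  hosts: ["192.168.56.10:9200"]\n' > "$demo/auditbeat.yml"
check_stack "$demo/elasticsearch.yml" "$demo/kibana.yml" "$demo/auditbeat.yml"
rm -rf "$demo"
```

On a real install, pass the three files under /etc/elasticsearch, /etc/kibana and /etc/auditbeat instead of the sample directory.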
Follow me on LinkedIn: www.linkedin.com/in/guerline-b-aurelus
Thank you for reading.