security talk & philosophizing



Tag: dashboard

  • Creating a High Severity Suricata Dashboard in ELK

    Once you have your Elasticsearch server running with Kibana, and it’s being fed data from Suricata installs via Filebeat, you can view the data coming in through some default dashboards. Filebeat has two default Suricata dashboards, one for alerts and one for events. I like the default Filebeat Suricata dashboards, except that the Alert one…