security talk & philosophizing

FF E4

Tag: filebeat

  • Filebeat Custom Field Processing for ELK

    Filebeat Custom Field Processing for ELK

    I had a recent project at work, where I needed to parse a load balancer log. The interesting part of the project was to capture data that was being added to the log. This short post will cover what I did to capture the data and render it in Kibana / ELK. If you have…

    Read more...

  • Suricata + ELK [Installation]

    Suricata + ELK [Installation]

    Technically, this install should be described as: Suricata / Filebeat + ElasticSearch/Kibana but it makes for a poor headline. Architecture In a multi-suricata server environment, the ElasticSearch Server is paired with the Kibana GUI. Individual Suricata installs are setup with Filebeat agents on separate points in the network(s). Filebeat sends each Suricata machine’s log data…

    Read more...

Recent Posts

Tags

App Archive.org CSRF dashboard EDR elasticsearch elk email Exercise EXIF filebeat GHunt Google Earth gvm IDS kibana logic Maltego OpenCTI openvas OSINT owasp philosophy Reporting Reverse Image Search scanner suricata Wazuh ZAP

Comments

No comments to show.

FF
EF

a moment now is worth a thousand moments from the before, or next.

letting go is the hardest, but most rewarding aspect of everything

© 2025 FF E4 • Powered by