Ich versuche gerade, einen ELK-Server aufzusetzen, an den ich von den Clients über Filebeat Log-Informationen an Logstash schicken kann.
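#!/bin/bash
#
# Provision a single-host Elastic Stack 6.x (Elasticsearch + Kibana) on Ubuntu.
# Clients are expected to ship their logs with Filebeat to Logstash on this host
# (Logstash itself is not installed here yet, see the TODO in main).
#
# Usage:   bash elk-setup.sh        (needs sudo rights; prompts for the password)
# Target:  Ubuntu 16.04/18.04 (apt-based), Elastic 6.x apt repository.
#
# Security notes (read before exposing this host):
#   * Elasticsearch 6.x and Kibana 6.x from the apt repository used here ship
#     WITHOUT authentication. Both must stay bound to localhost and may only be
#     reached through an nginx reverse proxy that enforces TLS and basic auth
#     (see the nginx step in main).
#   * The Elastic signing key is pinned to the Elastic repository with
#     `signed-by=` instead of being added to the global apt-key keyring, so it
#     cannot be used to sign packages for any other repository.
#   * The discontinued webupd8team Oracle Java PPA is no longer used; OpenJDK 8
#     from the Ubuntu archive is installed instead.

set -euo pipefail

readonly ELASTIC_KEY_URL='https://artifacts.elastic.co/GPG-KEY-elasticsearch'
readonly ELASTIC_KEYRING='/usr/share/keyrings/elastic-6.x-keyring.gpg'
readonly ELASTIC_LIST='/etc/apt/sources.list.d/elastic-6.x.list'
readonly ES_YML='/etc/elasticsearch/elasticsearch.yml'
readonly ES_DROPIN_DIR='/etc/systemd/system/elasticsearch.service.d'

die() { printf 'error: %s\n' "$*" >&2; exit 1; }

#######################################
# Bring the base system up to date and install the helper tools the later
# steps rely on.
#######################################
update_system() {
  sudo apt-get update
  sudo apt-get upgrade -y
  # The original script called "distro-upgrade", which is not an apt-get
  # command and fails; the real command is dist-upgrade.
  sudo apt-get dist-upgrade -y
  # apt-transport-https: required for the https:// Elastic repo on apt < 1.5
  # (Ubuntu 16.04) - without it the first "apt-get update" below fails.
  # gnupg: for gpg --dearmor. curl: to test the stack. net-tools: netstat
  # (the iproute2 equivalent "ss -plntu" is available without it).
  sudo apt-get install -y apt-transport-https gnupg curl net-tools wget
}

#######################################
# Install Java 8, which Elasticsearch/Logstash 6.x need.
# The webupd8team PPA with oracle-java8-installer was discontinued after
# Oracle's 2019 licence change and no longer installs anything; OpenJDK 8
# from the Ubuntu archive is supported by Elastic 6.x and needs no PPA.
#######################################
install_java() {
  sudo apt-get install -y openjdk-8-jdk-headless
  java -version
}

#######################################
# Register the Elastic 6.x apt repository with its signing key pinned to it.
# Idempotent: re-running rewrites the keyring and the list file instead of
# appending a duplicate "deb" line (the original used "tee -a").
#######################################
add_elastic_repo() {
  local tmp_key
  tmp_key=$(mktemp) || die "mktemp failed"
  # Fetch over HTTPS and convert to a binary keyring in a temp file first, so
  # a failed download never leaves an empty or truncated keyring in place.
  if ! wget -qO - "$ELASTIC_KEY_URL" | gpg --dearmor > "$tmp_key"; then
    rm -f -- "$tmp_key"
    die "could not download or dearmor the Elastic signing key"
  fi
  sudo install -o root -g root -m 0644 -- "$tmp_key" "$ELASTIC_KEYRING"
  rm -f -- "$tmp_key"
  printf 'deb [signed-by=%s] https://artifacts.elastic.co/packages/6.x/apt stable main\n' \
    "$ELASTIC_KEYRING" | sudo tee "$ELASTIC_LIST" >/dev/null
  sudo apt-get update
}

#######################################
# Append "key: value" to a YAML file unless a line for that key already exists.
# Arguments: $1 - file, $2 - key, $3 - value
#######################################
yaml_set_once() {
  local file=$1 key=$2 value=$3
  if ! grep -q -- "^${key}:" "$file"; then
    printf '%s: %s\n' "$key" "$value" | sudo tee -a -- "$file" >/dev/null
  fi
}

#######################################
# Install Elasticsearch 6.x, pin it to localhost:9200, enable memory locking
# (keeps the JVM heap out of swap) and start it.
#######################################
install_elasticsearch() {
  sudo apt-get install -y elasticsearch
  # Explicitly keep the HTTP API on the loopback interface: there is no auth
  # in front of it. http.port 9200 is the package default and left as is.
  yaml_set_once "$ES_YML" 'network.host' 'localhost'
  yaml_set_once "$ES_YML" 'bootstrap.memory_lock' 'true'
  # Raise the memlock limit with a systemd drop-in instead of editing
  # /usr/lib/systemd/system/elasticsearch.service, which the next package
  # upgrade would overwrite. (MAX_LOCKED_MEMORY in /etc/default/elasticsearch
  # is only read by the SysV init script, not by the systemd unit.)
  sudo mkdir -p -- "$ES_DROPIN_DIR"
  printf '[Service]\nLimitMEMLOCK=infinity\n' \
    | sudo tee "$ES_DROPIN_DIR/override.conf" >/dev/null
  sudo systemctl daemon-reload
  sudo systemctl enable elasticsearch
  sudo systemctl start elasticsearch
  # Manual checks once the node is up:
  #   netstat -plntu        -> 9200 must be bound to 127.0.0.1 / ::1 only
  #   curl -XGET 'localhost:9200/_nodes?filter_path=**.mlockall&pretty'
  #   curl -XGET 'localhost:9200/?pretty'
}

#######################################
# Install Kibana 6.x and start it. The package defaults in
# /etc/kibana/kibana.yml already match the intended setup:
#   server.port: 5601, server.host: "localhost",
#   elasticsearch.url: "http://localhost:9200"
# Kibana must stay on localhost - it has no login of its own in this setup.
#######################################
install_kibana() {
  sudo apt-get install -y kibana
  sudo systemctl enable kibana
  sudo systemctl start kibana
  # Manual check: netstat -plntu -> 5601 must be bound to 127.0.0.1 only
}

main() {
  update_system
  install_java
  add_elastic_repo
  install_elasticsearch
  install_kibana
  # Remaining manual step (nginx is not installed by this script):
  #   sudo apt-get install -y nginx
  #   cd /etc/nginx/ && sudo nano sites-available/kibana
  # The vhost proxying to 127.0.0.1:5601 must terminate TLS and require
  # basic auth (auth_basic + htpasswd file); otherwise everyone who can reach
  # the proxy can read and modify the whole log store.
  # TODO: install Logstash (sudo apt-get install -y logstash) and configure
  # its beats input with TLS so Filebeat clients do not ship logs in
  # cleartext.
}

main "$@"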
# https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-ubuntu-16-04/
# http://elk-docker.readthedocs.io/#forwarding-logs-filebeat
# https://nakkaya.com/2009/04/15/using-netcat-for-file-transfers/
# https://null-byte.wonderhowto.com/how-to/use-cowrie-ssh-honeypot-catch-attackers-your-network-0181600/
# https://www.neontribe.co.uk/debian-virtualbox-guest-additions/
# http://www.aoakley.com/articles/2017-07-04-raspbian-x86-virtualbox.php
# https://www.raspberrypi.org/forums/viewtopic.php?t=199250