-
**Dear TAs:**
# What I have done
- connect to the `kibana` on my virtual machine
![image](https://user-images.githubusercontent.com/55184427/96033967-6c023f00-0e93-11eb-9f47-a46b7be1bed2.png)
…
-
#### Describe the problem
I have configured my Palo Alto firewall to forward traffic logs via syslog to the HELK Ubuntu server. I've tried UDP and TCP port 8516 as noted in the syslog input file loca…
-
In 6.0 if I need to import winlogbeat's (or any other beat's) dashboard, templates I will have to use setup command for winlogbeat. This requires connection to kibana and to elasticsearch. Usually bea…
-
**Describe the enhancement:**
Hello guys,
Is it possible to add a new filter option for the event_logs in WinlogBeat?
We need to use the task filter instead of the event_id filter.
Do you thi…
-
I was trying to ingest Windows event logs into SOF-ELK. I configured the yml file and pointed it to the SOF-ELK server, and I am completely unable to get logs to show up. I am unable to find a guide that clea…
-
**Describe the bug**
Pfelk sadly never worked for me yet. I found out that the reason is most likely Logstash not starting because of an alleged syntax error.
**To Reproduce**
I have to say that …
-
#### Describe the problem
I am unable to import any data to helk
#### Provide the output of the following commands
Get operating system and version
for linux (except Mac) use:
`cat /etc/os-…
-
**Kibana version:** 7.3.0-SNAPSHOT
**Elasticsearch version:** 7.3.0-SNAPSHOT
**Browser version:** Chrome
**Describe the bug:**
When testing the ML integration, I only loaded some Auditbeat…
-
**Describe the bug**
Unable to a new rule in order to detect that the audit log in Windows was cleared, based on Winlogbeat security's module event
**To Reproduce**
Install Winlogbeat 7.8 and clear …