Pfsense + Elasticsearch, Logstash, Kibana (ELK) stack

pigbrother

Наткнулся на эту тему с месяц назад. Тема, конечно, интересная.
Однако времени потребует изрядно. Даже просто приложенный вами набор ссылок тянет на небольшой мануал…

pigbrother

С реддита
https://www.reddit.com/r/PFSENSE/comments/4dymci/i_made_a_simple_bare_bones_simple_elk_vm_for/

I made a simple bare bones simple ELK VM for download. For fellow ELK N00bs
I have put it on dropbox here: https://www.dropbox.com/s/aqd44gjrx7ghmm6/PFELK01-160408.ova?dl=0

It's a VMWare OVA file.

Basic setup based on http://pfelk.3ilson.com/ (bit on youtube at end to fix kibana)
no SSL access
DHCP
Basic examples of different visualisations and dashboard configured
Curator installed but no cron (https://www.elastic.co/guide/en/elasticsearch/client/curator/current/examples.html)

Username: pf Password: pf
Interface Port: http://ipaddress:5601
Send firewall events to port 5140

Changes you MUST make:
sudo nano /etc/hosts (Change IP address and / or host)
sudo nano /etc/logstash/conf.d/10-syslog.confcd (Change the IP on line 4 to be your PFsense box)

werter

This post is deleted!

hamed_forum

Please produced any VM for elk

pigbrother

ELK + pfSense 2.3 Working
https://forum.pfsense.org/index.php?topic=120937.0

werter

This post is deleted!

pigbrother

Тема продолжается:
ELK Stack with Ubuntu 16.04 running and collecting pfSense logs!
https://www.reddit.com/r/PFSENSE/comments/702uam/elk_stack_with_ubuntu_1604_running_and_collecting/

werter

This post is deleted!

werter

This post is deleted!

werter

This post is deleted!

werter

Добрый.
Подчистил и обновил ссылки.