Elastic develops the popular log analytics platform, the Elastic Stack, which supports a variety of search, observability, and security use cases through its many out of the box integrations. It’s a great platform for collecting, analyzing, and visualizing data from your Zeek sensor and other sources.
The following is a collection of how-to guides to help you get the most from your Elastic instance.
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
This guide details how to deploy Elastic Agent on macOS using Intune. For Windows, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security...
This guide details how to deploy Elastic Agent on macOS using Intune. For macOS, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security capabilities,...