Lightweight data shippers. They send data from hundreds or thousands of machines and systems to Logstash or Elasticsearch.
Windows Events Attack Samples
Threat Hunting with ELK Workshop (InfoSecWorld 2017)
Universal Winlogbeat configuration
[DEPRECATED] Elastic Beats Input plugin for Graylog
Burnham Forensics ELK Deployment Files
writeup about sending Logstash data to Splunk using the HTTP Event Collector
Repository for custom applications that automate the downloading, installation, and running of various Beats into Vizion.ai Elasticsearch.
Ansible role to install winlogbeat for security monitoring.
Program to send logfiles to ELK using winlogbeat.
Graylog extractor for Microsoft Teams Rooms Devices
Integrated Windows endpoint log management (Docker + ELK (Elasticsearch, Logstash, Kibana) + Winlogbeat based)
A lightweight SIEM solution using the ELK stack, Docker, Winlogbeat and Sysmon for efficient log collection and analysis.
Install/Configure Elastic Winlogbeat through Chef
Materials and install for my talk about getting your ETL flow under Statistical Process Control
Easy installation/update of Winlogbeat via Domain Controller and WinRM.
This Docker project deploys a single-node ELK stack with Logstash, offering the flexibility to add custom pipelines as needed. It includes a preconfigured Winlogbeat pipeline for collecting logs from ...
An Ansible role to install and configure Winlogbeat
Winlogbeat installation for Windows Event Collectors (WEFCs)