CHAPTER 1. Elasticsearch, Logstash, Kibana install and config on Linux server

testsoft.net welcome to elastic

CHAPTER 1. INSTALL AND CONFIG ELASTICSEARCH, LOGSTASH, KIBANA
Part 1.1. Install Elasticsearch
Part 1.2. Install Kibana and nginx proxy
Part 1.3. Install Logstash on local ELK server
Part 1.4. Install Filebeat for local ELK logging
Part 1.5. Create index for Filebeat

Linux firewalld commands

Examples of simple commands when configuring firewalld:

sudo firewall-cmd --permanent --list-ports
sudo firewall-cmd --permanent --list-service
sudo firewall-cmd --permanent --list-all
sudo firewall-cmd --get-active-zones
sudo firewall-cmd --get-zone-of-interface=eth0
sudo firewall-cmd --permanent --zone=public --add-port=8080/tcp
sudo firewall-cmd --permanent --zone=public --remove-port=8080/tcp
sudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --remove-service=http
sudo firewall-cmd --permanent --zone=public --add-service=openvpn
sudo firewall-cmd --permanent --zone=public --remove-service=openvpn
…

Linux commands to view and find security events

Collection of commands for auditing Linux systems:

w
who
whoami
last -f /var/log/btmp
lastb

/var/log/btmp — failed login attempts.
/var/run/utmp — current login sessions.
/var/log/wtmp — list of all login sessions.

id
uname -a
pwd
ps -aux
pstree
ls -ltr
ls -lah | tee content
ls -la
lsof -i
cat /proc/self/environ
netstat -nvp
netstat -anp…