|
Size: 1680
Comment:
|
Size: 1803
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 10: | Line 10: |
| * [[https://www.graylog.org/|GrayLog]] [[https://docs.graylog.org/en/4.0/pages/installation/os/ubuntu.html#ubuntuguide|Ubuntu Install Guide]] | * [[https://www.graylog.org/|GrayLog]] [[https://docs.graylog.org/en/4.0/pages/installation/os/ubuntu.html#ubuntuguide|Ubuntu Install Guide]] Note: There are different features for the enterprise version (for pay) vs opensource. |
| Line 29: | Line 29: |
| 1. Show something from pfSense |
Lab 09 Dashboards - Keeping data under control
Introduction
In the last two labs particularly, we have gathered information. But how do you make sense of it all? Log analyzer and dashboards!
Take the first 15 minutes of lab to research dashboards that you might want to install and use to work with Suricata, OpenVas and your windows systems.
Elastic Stack (here is a good tutorial by digitialocean.com
GrayLog Ubuntu Install Guide Note: There are different features for the enterprise version (for pay) vs opensource.
Logz.io is based on Elastic Stack... learn more here.
- Splunk (Seems to have gone for pay... probably want to try something else. Never-the-less one of the top rated apps!)
Some solutions go beyond simple log aggregators/analyzers to monitor everything... these include:
- PRTG (includes log analyzing, but may be overkill for what we are doing)
ZabbixL https://www.zabbix.com/
Install a system of your choice. If its not on the list, check with me first and if its ok, I'll add it. You should collect information from OpenVas, Suricata, Windows Logs and ubuntu for aggregation in the dashboard of your choice.
Show Me
In less than two minutes:
- Show your Dashboard working
- Show something from pfSense
Show something from OpenVas
- Show something from Suricata
- Show something from your Windows Server