
Security Analytics using ELK stack




  1. Security Analytics Using ELK Stack (Abhishek Bhuyan)
  2. ELKB Stack
  3. Disclaimer: this is more of a demo session than slides...
  4. Elasticsearch
     - Distributed search and analytics engine
       - Query anything: structured, unstructured, geo, metric
       - Analyze: explore trends and patterns
       - RESTful API
       - Schema-free JSON documents
       - Fast and horizontally scalable
  5. Logstash
     - Data processing pipeline
       - Ingest data, process it, and output it
         - Ingest data from many sources (input plugins)
         - Parse and transform data on the fly (filter plugins)
         - Change data representations (codec plugins)
         - Output data in many forms (output plugins)
  6. Beats
     - Lightweight data shippers
       - Data gathering: Filebeat, Metricbeat, Packetbeat, Winlogbeat, Heartbeat
  7. Kibana
     - Explore, visualise, discover data
       - Interactive visualization
       - Custom dashboards
  8. Evolution of Cyber Threats
  9. Evolution of Cyber Threats
  10. What is Analytics?
     - Data-driven approach to analyzing logs
     - Ask the right question, then figure out what data you need to answer it
       - Helps in modeling your data
       - Helps in choosing the technology or tools you want to use
  11. Let’s Demo
  12. “The goal is to turn data into information, and information into insight.” (Carly Fiorina, former CEO, Hewlett-Packard Co.)
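The Logstash slide (input, filter, codec and output plugins) and the analytics slide (start from the question, then decide what data you need) come together in a pipeline definition. The following is an added example, not part of the deck or of any Elastic project code: it assumes Filebeat ships a Linux `/var/log/auth.log` to Logstash on port 5044, that Elasticsearch listens on `localhost:9200`, and that the question being asked is "which source addresses produce the most failed SSH logins?". The sample sshd line in the comment is constructed; the grok patterns (`SYSLOGTIMESTAMP`, `SYSLOGHOST`, `USERNAME`, `IP`, `POSINT`, `DATA`, `GREEDYDATA`) are from the standard Logstash pattern set.

```conf
# Added example pipeline (not from the slides). Constructed sample input line
# as Filebeat would ship it in the "message" field:
#   Mar  4 10:15:01 bastion sshd[2231]: Failed password for invalid user admin from 203.0.113.5 port 4242 ssh2

input {
  # Assumption: Filebeat is configured with output.logstash pointing here.
  beats {
    port => 5044
  }
}

filter {
  # Step 1: split the syslog envelope from the program message.
  grok {
    match => {
      "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:host_name} %{DATA:program}(?:\[%{POSINT:pid}\])?: %{GREEDYDATA:syslog_message}"
    }
  }

  # Step 2: only sshd lines get the more specific failure pattern.
  # Successful logins and other sshd messages pass through untagged.
  if [program] == "sshd" {
    grok {
      match => {
        "syslog_message" => "Failed password for (?:invalid user )?%{USERNAME:user} from %{IP:src_ip} port %{POSINT:src_port} ssh2"
      }
      add_tag => [ "ssh_auth_failure" ]
      tag_on_failure => []
    }
  }

  # Step 3: use the log's own timestamp, not ingest time, so that
  # time-based aggregations in Kibana reflect when the attempts happened.
  date {
    match  => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ]
    target => "@timestamp"
  }

  # Step 4: the parsed fields have served their purpose; drop the raw copy.
  mutate {
    remove_field => [ "syslog_timestamp" ]
  }
}

output {
  # Assumption: single-node Elasticsearch on localhost, one index per day.
  elasticsearch {
    hosts => ["http://localhost:9200"]
    index => "auth-%{+YYYY.MM.dd}"
  }
}
```

With the constructed line above, the event indexed in Elasticsearch carries `program: sshd`, `user: admin`, `src_ip: 203.0.113.5`, `src_port: 4242` and the tag `ssh_auth_failure`. Because `src_ip` is a separate field rather than text inside `message`, a Kibana visualization filtered on that tag and bucketed by `src_ip` answers the original question directly, which is the point of the "ask the question first, then model the data" slide: the fields extracted in the filter stage are exactly the ones the question needs.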
