Loading Events

« All Events

  • This event has passed.

Parsing Logs via ELK

March 26 @ 1:00 PM - 5:00 PM

Trainer: Mark McLauchlin

ELK is an powerful open source search application. Often overlooked is the parsing functionality it can provide to enrich security event log data. This hands-on training will go over the ELK stack including installation and configuration of Filebeat, Logstash, Elasticsearch, and Kibana along with some best practices. A good portion of the time will be parsing log events with Logstash. Logstash is referred to as the Swiss army knife for log parsing and deservedly so. It has some very powerful capabilities when it comes to slicing and dicing events so they are more useful when it comes to searching for the needle in the stack of needles. Additionally, Logstash supports 50+ outputs. Even though Logstash is typically associated with Elasticsearch, it can send parsed event data to many other technologies such as DataDog, Graylog, Kafka, S3, etc. No prior knowledge of ELK is expected or required.

Read more at: https://bsidesaustin.com/bsides-austin-2019-training-days/

Details

Date:
March 26
Time:
1:00 PM - 5:00 PM
Website:
https://www.eventbrite.com/e/parsing-logs-via-elk-tickets-57223907247

Venue

J. J. Pickle Research Campus, The University of Texas at Austin
North Burnet, Austin, TX 78758
Austin, TX 78758 US
+ Google Map
© Copyright 2019, (ISC)² Austin Chapter. All Rights Reserved. (ISC)², CISSP, SSCP, CAP, ISSAP, ISSEP, ISSMP, CSSLP, HCISPP and CBK are registered certification, service, and trademarks of International Information System Security Certification Consortium, Inc.

Disclaimer: (ISC)² does not own, operate, or moderate this website. All content of this site, exclusive of licensed trademarks and trade dress is the property of (ISC)² Austin Chapter, which is not owned, managed, or controlled by (ISC)² and operates independent of (ISC)².”