SIEmonster Traffic Flow Linux V2

Photo posted by chris on Oct 13, 2016

Filebeat is to be installed on each Linux host. It collects event logs and sends them to Proteus over SSL for Logstash analysis. The data is then forked to Capricorn for alerting/analysis short-term storage, as well as to the Elasticsearch database on Kraken/Tiamat. Installing OSSEC agents on Linux hosts is also recommended, to provide host intrusion detection analysis.
