- wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.1-amd64.deb
- wget https://artifacts.elastic.co/downloads/logstash/logstash-7.6.1.deb
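- wget https://artifacts.elastic.co/downloads/kibana/kibana-7.6.1-amd64.deb
- (antes de instalar, comprobar cada .deb contra el fichero .sha512 que Elastic publica junto al paquete, p. ej. elasticsearch-7.6.1-amd64.deb.sha512 con "shasum -a 512 -c")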
- =======ELASTICSEARCH=======================
- dpkg -i elasticsearch-7.6.1-amd64.deb
- service elasticsearch status
- service elasticsearch start
- tail -f /var/log/elasticsearch/elasticsearch.log
- curl -XGET localhost:9200
- lsof -i:9200
- ===========================================
- =======LOGSTASH============================
- dpkg -i logstash-7.6.1.deb
- service logstash status
- cd /etc/logstash/conf.d/
- wget (ip)/01_inputs.conf
- wget (ip)/02_windows.conf
- wget (ip)/99_outputs.conf
- ########creamos comando de test
- echo "/usr/share/logstash/bin/logstash --config.test_and_exit -f /etc/logstash/conf.d/" > /etc/logstash/test.sh
- chmod +x /etc/logstash/test.sh
- /etc/logstash/test.sh
- ###############################
- SI NOS SALE "Config Validation Result: OK. Exiting Logstash" SEGUIMOS:
- service logstash start
- tail -f /var/log/logstash/logstash-plain.log
- PARA CONTINUAR, EN LOS LOGS TENEMOS QUE LEER ESTO: "Successfully started Logstash API endpoint {:port=>9600}"
- lsof -i:5044
- ===========================================
- =======KIBANA==============================
- dpkg -i kibana-7.6.1-amd64.deb
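- echo 'server.host: "0.0.0.0"' >> /etc/kibana/kibana.yml
- (OJO: "0.0.0.0" hace que Kibana escuche en todas las interfaces y estos pasos no configuran autenticación; limitar el acceso al puerto 5601 con firewall o poner delante un proxy con autenticación)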
- service kibana start
- service kibana status
- lsof -i:5601
- http://IP:5601
- ===========================================
- =======WINLOGBEAT==========================
- https://www.elastic.co/es/downloads/beats/winlogbeat
- https://artifacts.elastic.co/downloads/beats/winlogbeat/winlogbeat-7.6.1-windows-x86_64.msi
- admin cmd:
- cd C:\ProgramData\Elastic\Beats\winlogbeat
- notepad winlogbeat.yml
- PEGAMOS LO QUE HAY ENTRE LLAVES (sin las llaves, claro)
- {
- winlogbeat.event_logs:
-   - name: Security
- output.logstash:
-   hosts:
-     - IP:5044
- logging.to_files: true
- logging.files:
-   path: C:\ProgramData\winlogbeat\Logs
- logging.level: info
- }
- services.msc -> iniciar "Elastic Winlogbeat 7.6.1"
- ===========================================