You can find the blog post with all the links, commands, and configuration files here: robwillis.info/2019/05/installing-elk-7-elasticsearch-logstash-and-kibana-windows-server-2016/
Can't thank you enough for this Rob, was my bible for getting this up and running. Next video request: how to update ES, Kibana and LS on Windows server?
Thank you very much for the ELK videos and congrats on your clarity explaining things very clearly and showing in detail how to do it. Specially this one.
Apache works very similar to the IIS logs, you will use filebeat and point it to the log file (/var/log/apache/access. log). I'm not sure about Magento, but if it saves its log into a text file, filebeat should be able to pick it up too.
@@robwillisinfo Kibana requires node.js running on the server correct? this spooks me a bit trying to secure a public facing web server. Do you have any experience in connecting Kibana to a remote server running elastic?
Hi, I have followed your guide, but can't start the ElasticSearch service (verify privilege error). Is there any setting should be perform prior installation ?
Trying to install Curator and when I go to the link on your blog for Windows install, it says file not found. However I can find and download the 4.06 version, will this be fine to use? Where has the latest file gone to?
Following your guide, After i install Java and Elastic; when i attempt to invoke-restmethod i get an error, also i noticed that the service wont start. Every time i attempt to start the service it immediately turns itself off. Any recommendations?
Hi, thanks for the share I've followed your video but it didn't worked, elasticsearch.yml needs some tunning now with "discovery.seed_node" to listen on the IP and not just its loopback But i still can't see logs/data in Kibana -> Index patterns .\winlogbeat.exe test output -> dial up... ERROR dial tcp ip:5044 connexion refused Did you try 7.4.2 ? Thanks
So it looks to me that it is breaking because of the space between "Program Files", windows likes paths with spaces in there to be wrapped in quotes. This may be a bug in the logstash package itself, I would check to see if there is an updated version.
Great video! Is there any way you can do a video on how to add pfSense and Suricata logs as well? I for the life of me cant figure out how to parse these logs properly.
Thanks! This is something I've been wanting to do as well! I've been planning on doing some videos around OPNsense coming up, so maybe I can sneak this one in there as well. Thanks for the feedback!
.\winlogbeat.exe test config .\winlogbeat.exe test output Are two helpful commands when troubleshooting connectivity and configurations with the agents.
