Filebeat with Elasticsearch 8.x - Part 2: Email Filebeat Alerts with Logstash

This video is the second part to our tutorial on #filebeat. In the first video we showed how to install, configure, setup and secure Filebeat. We also demonstrated some of the Filebeat dashboards that let you review logs in your infrastructure. You can review the first video here before continuing: https://www.youtube.com/watch?v=Bquc9I63DA0 In this video we will jump straight into Rules and Alerts. By the end of the video, you should have a good grasp of what Filebeat can do, how to use #kibana Alert Rules, and how to use an open source tool called #logstash to send emails. The following logstash.conf file was used in the video: https://github.com/evermight/elasticbeat-resources/blob/main/logstash-filebeat.conf Yml files can be found here: https://github.com/evermight/elasticsearch-install https://github.com/evermight/elasticbeat-resources/blob/main/etc/filebeat/filebeat.yml https://github.com/evermight/elasticbeat-resources/blob/main/etc/filebeat/modules.d/apache.yml https://github.com/evermight/elasticbeat-resources/blob/main/etc/filebeat/modules.d/system.yml Table of Contents: 00:00 Introduction 00:37 Find the SSH Fail Query 03:40 Enable and create Kibana Rules for alerts 18:40 Install Logstash 19:52 Configure Logstash to send emails 25:20 Run Logstash This video is part our Beat series: https://www.youtube.com/playlist?list=PLPatHYWw1RVvx7Zk6QXTOxv-BQXFTksMB

Видео Filebeat with Elasticsearch 8.x - Part 2: Email Filebeat Alerts with Logstash автора Молодые питонисты-путешественники