Blogs
RSS
Blogs
RSS

Articles By Andrew Kroh

Logstash Lines: Pipeline Input and Output

By
Andrew Kroh

With the Logstash Lines series, we're keeping you up to date with all that's new in Logstash, from the details of pull requests to learning resources.

Read more

Brewing in Beats: Heartbeat HTTP Body Validation

By
Andrew Kroh

With the Brewing in Beats series, we're keeping you up to date with all that's new in Beats, from the details of pull requests to learning resources.

Read more
Engineering

Introducing Auditbeat: Ship Linux Audit Logs to Elasticsearch and More

By
Andrew Kroh

Auditbeat is a new Beat in 6.0. It audits the activities of users and processes. It collects Linux audit logs (similar to auditd) and monitors file integrity.

Read more
Engineering

Monitoring Container Resource Usage with Metricbeat

By
Andrew Kroh

Using Metricbeat to collect container metrics using Linux cgroups.

Read more
Engineering

Monitoring Windows Logons with Winlogbeat

By
Andrew Kroh

How to use the Winlogbeat and Kibana to visualize logon events from Windows event logs.

Read more
Engineering

Detecting DNS Tunnels with Packetbeat and Watcher

By
Andrew Kroh

Using Packetbeat with Elasticsearch and Watcher to detect DNS tunnels.

Read more