Articles By Andrew Kroh

With the Logstash Lines series, we're keeping you up to date with all that's new in Logstash, from the details of pull requests to learning resources.

With the Brewing in Beats series, we're keeping you up to date with all that's new in Beats, from the details of pull requests to learning resources.

Engineering

Auditbeat is a new Beat in 6.0. It audits the activities of users and processes. It collects Linux audit logs (similar to auditd) and monitors file integrity.

Engineering

Using Metricbeat to collect container metrics using Linux cgroups.

Engineering

How to use the Winlogbeat and Kibana to visualize logon events from Windows event logs.

Engineering

Using Packetbeat with Elasticsearch and Watcher to detect DNS tunnels.