On-demand webinar

Detecting threats on Linux hosts with Auditbeat

Hosted by:

Christoph Wurm
Christoph Wurm

Senior Product Manager


Neil Desai
Neil Desai

Security Specialist



If your mission is to defend your organization from cyber threats, you need to know what’s happening on your hosts. What processes are running on each of your servers? Which user accounts have logged into which endpoint? Have previous attackers been entirely vanquished or do they still have a foothold?

Elastic’s lightweight Auditbeat agent provides information from your Linux-based hosts to answer these questions. Whether your hosts are physical or virtual, Auditbeat provides valuable telemetry for your servers, endpoints, and other form factors. Auditbeat’s new system module extends its functionality to perform out-of-the-box collection and analysis of several key data sets.

In this webinar, Christoph Wurm, Elastic Sr. Software Engineer, and Neil Desai, Elastic Security Specialist, show you how to apply host data from your Linux systems to detect threats targeting your environment. Their demo will show:

  • Ingestion of data from Linux systems using Auditbeat
  • Configuration of file integrity monitoring for key system files
  • Detection of attacks with automated analytics in Elasticsearch
  • Analysis and visualization of Linux host data with Kibana

Additional Resources:

Register to watch

You'll also receive an email with related content.