Veronica Yudina
Reputation: 1
Has anyone integrated Kibana with any IDS?
I know that many people use Kibana to collect security logs, but do you upload them to any IDS to catch suspicious ones and alert about them? If so, which IDS do you use?
Upvotes: 0
Views: 142
Answers (1)
jklmnop
Reputation: 86
I am not following to surely here, however IDS logs are read by filebeat/logstash, send and indexed into Elasticsearch which then you can use Kibana (the GUI) where you can query the indexed data, make visualisations and dashbaords.
Elastics Kibana can have alerting setup given parameters that you set. https://www.elastic.co/products/stack/alerting And you also have thresholds and conditions. https://www.elastic.co/guide/en/kibana/current/watcher-create-threshold-alert.html
Upvotes: 0
Related Questions
- Can we use Kibana as a log monitoring tool for an application running in weblogic?
- Kibana for ARM architecture
- ELK for IBM Integration Bus 10 (IIB)
- How do we use IBM Appid to auth Kibana users ?
- Kibana for showing analytics to end user
- Kibana as Elasticsearch monitoring solution
- Index ID identification in Elasticsearch/Kibana visualization
- Kibana integrated with Firehose
- Can we write our own GUI instead of using kibana
- Kibana 4 Ready-Made Dashboard?