Finalization Docker

Summary

Now that we've launched all the containers, we'll check that information is going into Elasticsearch.

Configuring Kibana

Navigate to the Kibana UI that's found at http://<DOCKER_HOST>:5601. You'll be asked to create an index pattern to be able to interact with the Elasticsearch data in Kibana. The index pattern can have wildcards, so to match our date-based index names, we'll set our index pattern to filebeat-*.

Kibana - Discovery

Navigate to http://<DOCKER_HOST>:5601/app/kibana#/discover. You should see information related to what our Suricata instance is logging. For more information on Kibana dashboards, visualization, and configuring index patterns see this documentation here.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Finalization Docker

Summary

Configuring Kibana

Kibana - Discovery

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally