You need to log in to create posts and topics.

Collecting Audit Data With Vizion Elastic and Auditbeat

Auditbeat is a lightweight shipper that you can install on your servers to audit the activities of users and processes on your systems. For example, you can use Auditbeat to automatically collect audit events from the Linux Audit Framework and send them to your Vizion Elastic app for analysis.

If running a Mac or Linux console, you can quickly download and configure Auditbeat with our download script by executing the following command (making sure to include your Elasticsearch url):

curl https://olympus-io.github.io/vizion.ai/beat-install-scripts/install-config-auditbeat.sh > install-config-auditbeat.sh;

chmod a+x install-config-auditbeat.sh; ./install-config-auditbeat.sh << your Vizion Elastic url here >>

This will install Auditbeat version 6.5.4, update the auditbeat.yml config file to connect with your instance, load the dashboards into Kibana, and start shipping your logs.  If you want to install/configure manually, this guide can take you through the steps.

Log data should now be shipping from your machine to your Vizion Elastic instance. You can now view the Auditbeat logs file at:/var/log/auditbeat/auditbeat and can start visualizing your data with Kibana.