You need to log in to create posts and topics.

Viewing Dashboards In Kibana

After Auditbeat has been installed and shipping logs, It is time to view the Auditbeat dashboard in Kibana. This assumes that you have already gone through the process of installing Auditbeat in the previous tutorial and logs are being successfully shipped to Elasticsearch + Kibana.

 

1. Go to the dashboards page, type in "Auditbeat" in the search bar, and then click on "[Auditbeat File Integrity] Overview". 

 

2. Test out that Auditbeat is working.

Auditbeat will detect any changes in the directories that have been declared in the auditbeat.yml. To test it out in real-time, open up one of the directories and create a new folder. It should then show up in the Dashboard and Discover as being "created". If you delete the new folder it will show this info as well.