infosecn1nja
/
HELK
mirror of https://github.com/infosecn1nja/HELK.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
The Hunting ELK
30 Commits
4 Branches
12 Tags
262 MiB
Jupyter Notebook 78.3%
CSS 14%
Shell 5.6%
Ruby 1%
Dockerfile 0.7%
Other 0.4%
 
 
 
 
 
 
Go to file
Roberto Rodriguez 3103299c77 Update kibana.yml 2017-06-06 13:52:40 -04:00
elasticsearch testing docker compose configs 2017-06-06 10:15:14 -04:00
kibana Update kibana.yml 2017-06-06 13:52:40 -04:00
logstash testing docker compose configs 2017-06-06 10:15:14 -04:00
nginx testing docker compose 2017-06-06 01:54:41 -04:00
scripts Update helk_install.sh 2017-06-06 11:39:58 -04:00
LICENSE Initial commit 2017-03-14 15:14:50 -04:00
README.md Update README.md 2017-05-26 02:31:12 -04:00
docker-compose.yml testing docker compose configs 2017-06-06 10:15:14 -04:00

README.md

HELK [Beta]

The incredible HELK (Hunting, Elasticsearch, Logstash, Kibana) VM.

Getting Started

For now, this basic build can be installed with the help of a bash script. This script is based on most of the commands I used and described HERE

Requirements

  • OS: Ubuntu-16.04.2 Server amd64 (Tested)
  • Network Connection: NAT or Bridge
  • RAM: 4GB (minimum)

Installation

  • Run sudo su -
  • Run git clone https://github.com/Cyb3rWard0g/HELK.git
  • Run cd HELK/scripts
  • Run chmod +x helk_install.sh
  • Run ./helk_install.sh

Custom Configuration

Once the installation completes, your ELK Stack Web interface will ONLY be accessed locally (127.0.0.1). Edit your /etc/nginx/sites-available/default file doing the following:

  • Run sudo nano /etc/nginx/sites-available/default
  • Replace 127.0.0.1 with your host's IP address
  • Run sudo systemctl restart nginx

More coming soon...