The Hunting ELK
 
 
 
 
 
 
Roberto Rodriguez b663c8bd6b Testing docker configurations 2017-05-31 21:58:07 -04:00
docker Testing docker configurations 2017-05-31 21:58:07 -04:00
elasticsearch Adding elasticsearch config file to docker dir 2017-05-30 02:31:58 -04:00
kibana Editing docker configurations 2017-05-30 02:34:48 -04:00
logstash Testing docker configurations 2017-05-31 21:42:57 -04:00
nginx Docker Files syntax and commands update 2017-05-30 02:27:05 -04:00
scripts Update helk_install.sh 2017-05-26 01:47:15 -04:00
LICENSE Initial commit 2017-03-14 15:14:50 -04:00
README.md Update README.md 2017-05-26 02:31:12 -04:00
docker-compose.yml Docker-compose syntax fix 2017-05-30 01:02:42 -04:00

README.md

HELK [Beta]

The incredible HELK (Hunting, Elasticsearch, Logstash, Kibana) VM.

Getting Started

For now, this basic build can be installed with the help of a bash script. The script is based on most of the commands I used and described HERE.

Requirements

  • OS: Ubuntu-16.04.2 Server amd64 (Tested)
  • Network Connection: NAT or Bridge
  • RAM: 4GB (minimum)

Installation

  • Run sudo su -
  • Run git clone https://github.com/Cyb3rWard0g/HELK.git
  • Run cd HELK/scripts
  • Run chmod +x helk_install.sh
  • Run ./helk_install.sh

Custom Configuration

Once the installation completes, the ELK Stack web interface is reachable ONLY locally (127.0.0.1). To change that, edit /etc/nginx/sites-available/default as follows:

  • Run sudo nano /etc/nginx/sites-available/default
  • Replace 127.0.0.1 with your host's IP address
  • Run sudo systemctl restart nginx
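
The same edit done non-interactively, as an added example that is not part of the HELK repository: it changes 127.0.0.1 only on listen and server_name lines, so a loopback proxy_pass upstream is left alone, and it keeps a backup. The function names, the sample site file and the address 192.168.1.50 are assumptions; the real HELK file may be laid out differently.

```bash
#!/usr/bin/env bash
# Added example, not HELK code. Function names are hypothetical.

# Accept dotted-quad IPv4 only, each octet 0-255.
valid_ipv4() {
    local ip=$1 o octets
    [[ $ip =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]] || return 1
    IFS=. read -r -a octets <<< "$ip"
    for o in "${octets[@]}"; do
        (( 10#$o <= 255 )) || return 1   # 10# avoids octal parsing of "08"
    done
}

# set_helk_bind FILE NEW_IP
# Replaces 127.0.0.1 on `listen` and `server_name` lines only, so an
# upstream such as `proxy_pass http://127.0.0.1:5601` stays on loopback.
set_helk_bind() {
    local file=$1 new_ip=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    # Validation also guarantees the value is safe inside the sed expression.
    valid_ipv4 "$new_ip" || { echo "not an IPv4 address: $new_ip" >&2; return 3; }
    cp -p "$file" "$file.bak" || return 4
    # Read from the backup, write over the original (keeps its mode).
    sed -E "/^[[:space:]]*(listen|server_name)[[:space:]]/ s/127\.0\.0\.1/$new_ip/g" \
        "$file.bak" > "$file"
}

# Constructed sample site file for trying the function offline.
# Assumption: nginx fronts a service on loopback port 5601 (Kibana's default).
write_sample_site() {
    cat > "$1" <<'EOF'
server {
    listen 127.0.0.1:80;
    server_name 127.0.0.1;
    location / {
        proxy_pass http://127.0.0.1:5601;
    }
}
EOF
}

# Usage on the HELK host (as root), with a constructed address:
#   set_helk_bind /etc/nginx/sites-available/default 192.168.1.50 \
#       && nginx -t && systemctl restart nginx
```

Running nginx -t before the restart catches a broken edit while the old configuration is still being served; the .bak copy restores the loopback-only binding.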

More coming soon...