The Hunting ELK
 
 
 
 
 
 
Roberto Rodriguez fce1374fa9 Docker Compose files 2017-05-30 00:49:19 -04:00
elasticsearch Docker Compose files 2017-05-30 00:49:19 -04:00
kibana Docker Compose files 2017-05-30 00:49:19 -04:00
logstash Docker Compose files 2017-05-30 00:49:19 -04:00
nginx Docker Compose files 2017-05-30 00:49:19 -04:00
scripts Update helk_install.sh 2017-05-26 01:47:15 -04:00
LICENSE Initial commit 2017-03-14 15:14:50 -04:00
README.md Update README.md 2017-05-26 02:31:12 -04:00
docker-compose.yml Docker Compose files 2017-05-30 00:49:19 -04:00

README.md

HELK [Beta]

The incredible HELK (Hunting, Elasticsearch, Logstash, Kibana) VM.

Getting Started

For now, this basic build can be installed with the help of a bash script. The script is based on most of the commands I used and described HERE.

Requirements

  • OS: Ubuntu-16.04.2 Server amd64 (Tested)
  • Network Connection: NAT or Bridge
  • RAM: 4GB (minimum)

Installation

  • Run sudo su -
  • Run git clone https://github.com/Cyb3rWard0g/HELK.git
  • Run cd HELK/scripts
  • Run chmod +x helk_install.sh
  • Run ./helk_install.sh

Custom Configuration

Once the installation completes, the ELK Stack web interface is ONLY accessible locally (127.0.0.1). To make it reachable on your host's IP address, edit the /etc/nginx/sites-available/default file as follows:

  • Run sudo nano /etc/nginx/sites-available/default
  • Replace 127.0.0.1 with your host's IP address
  • Run sudo systemctl restart nginx
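
The same edit as a script, added here as an example and not part of HELK: it backs up the file, validates the address, checks the result with nginx -t before restarting, and restores the backup if the check fails. The function names and the sample server block are assumptions constructed for illustration; the real default file may be laid out differently, and this version rewrites only listen and server_name lines so a loopback proxy_pass upstream is left alone.

```shell
#!/bin/sh
# Added example (not HELK code). The nginx layout below is constructed for
# illustration; the real /etc/nginx/sites-available/default may differ.
sample_conf() {
cat <<'EOF'
server {
    listen 127.0.0.1:80;
    server_name 127.0.0.1;
    location / {
        proxy_pass http://127.0.0.1:5601;   # Kibana stays on loopback
    }
}
EOF
}

# rebind_nginx FILE IP: back up FILE, then point its listen/server_name
# directives at IP. Returns non-zero without touching FILE on bad input.
rebind_nginx() {
    conf=$1 ip=$2
    # Only digits and dots may reach the sed expression below.
    case $ip in ''|*[!0-9.]*) echo "invalid IPv4 address: $ip" >&2; return 2 ;; esac
    printf '%s\n' "$ip" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i == "" || $i > 255) exit 1 }' ||
        { echo "invalid IPv4 address: $ip" >&2; return 2; }
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 3; }
    cp -p "$conf" "$conf.bak" || return 4
    # The upstream proxy_pass line is deliberately left alone.
    sed -E "/^[[:space:]]*(listen|server_name)[[:space:]]/ s/127\.0\.0\.1/$ip/g" \
        "$conf.bak" > "$conf"
}

# Usage: script FILE IP -> rewrite, syntax-check, restart; roll back on failure.
if [ "$#" -eq 2 ]; then
    rebind_nginx "$1" "$2" || exit
    if nginx -t; then
        systemctl restart nginx
    else
        cp -p "$1.bak" "$1"
        echo "nginx -t failed; restored $1 from backup" >&2
        exit 1
    fi
fi
```

Run it as root with the config path and the host's IP address as the two arguments; with no arguments it only defines the functions.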

More coming soon...