Filebeat with Elasticsearch 8.x - Part 2: Email Filebeat Alerts with Logstash

This video is the second part to our tutorial on #filebeat. In the first video we showed how to install, configure, setup and secure Filebeat. We also demonstrated some of the Filebeat dashboards that let you review logs in your infrastructure. You can review the first video here before continuing:

   • Filebeat with Elasticsearch 8.x - Par...  

In this video we will jump straight into Rules and Alerts. By the end of the video, you should have a good grasp of what Filebeat can do, how to use #kibana Alert Rules, and how to use an open source tool called #logstash to send emails.

The following logstash.conf file was used in the video:
https://github.com/evermight/elasticb...

Yml files can be found here:
https://github.com/evermight/elastics...
https://github.com/evermight/elasticb...
https://github.com/evermight/elasticb...
https://github.com/evermight/elasticb...

Table of Contents:
00:00 Introduction
00:37 Find the SSH Fail Query
03:40 Enable and create Kibana Rules for alerts
18:40 Install Logstash
19:52 Configure Logstash to send emails
25:20 Run Logstash

This video is part our Beat series:
   • Elasticsearch - Beats  

Written Summary Here: https://elasticsearch.evermight.com/f...