MaGe Linux Operations

Sep 29, 2018 · Information Security

Build a Real-Time Security Log Collection & Alert System with ELK, Kafka, and Sentinl

This guide walks through collecting security device and Nginx logs using ELK 5.5.2, Logstash grok patterns, Kafka and Flume pipelines on CentOS 7, and configuring Sentinl or ElastAlert for DingTalk and email alerts, complete with code snippets and deployment commands.