December 2017
Intermediate to advanced
364 pages
7h 30m
English
Content preview from Security Automation with Ansible 2
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)
Log monitoring is the perfect place to think about security automation. For monitoring to be effective, a few things need to happen. We should be able to move logs from different devices to a central location. We should be able to make sense of what a regular log entry is and what could possibly be an attack. We should be able to store the logs, and also operate on them for things such as aggregation, normalization, and eventually, analysis.
But, before diving into setting up the stack and building centralized logging and monitoring using Elastic Stack, we need to understand a little bit about why we need to use and automate the setup for defending against near real-time ...