Chapter 5: Building Your Hunting Lab – Part 2

Now that we've discussed the architecture and built our Elastic Virtual Machine (VM), let's continue by installing and configuring the components of the Elastic Stack and our victim VM, and then ingesting some threat information into the stack.

Keeping with the process in previous chapters, we'll use this chapter to build, and the next chapter (Chapter 6, Data Collection with Beats and Elastic Agent) to install and configure the host components on the victim machine.

In this chapter, we'll go through the following topics:

  • Installing and configuring Elasticsearch
  • Installing Elastic Agent
  • Installing and configuring Kibana
  • Enabling the detection engine and Fleet
  • Building a victim machine
  • Filebeat Threat Intel ...
