Chapter 5: Building Your Hunting Lab – Part 2

Now that we've discussed the architecture and built our Elastic Virtual Machine (VM), let's continue with installing and configuring the components of the Elastic Stack and our victim VM and ingest some threat information into the stack.

Keeping with the process in previous chapters, we'll use this chapter to build and the next chapter (Chapter 6, Data Collection with Beats and Elastic Agent) to install and configure the host components on the victim machine.

In this chapter, we'll go through the following topics:

  • Installing and configuring Elasticsearch
  • Installing Elastic Agent
  • Installing and configuring Kibana
  • Enabling the detection engine and Fleet
  • Building a victim machine
  • Filebeat Threat Intel ...

Get Threat Hunting with Elastic Stack now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.