Chapter 6: Data Collection with Beats and Elastic Agent

In the last chapter, we built the virtual machines (VMs) needed for your hunting lab. In this chapter, we're going to configure the infrastructure that collects the data we'll generate once we start threat hunting.

It is important that the two VMs you built in Chapter 4, Building Your Hunting Lab – Part 1 and Chapter 5, Building Your Hunting Lab – Part 2, are operational and can communicate with each other, as verified by the connection test at the end of the chapter.

In this chapter, you'll learn how to configure the collection agents and tools you installed in Chapter 4, Building Your Hunting Lab – Part 1 and Chapter 5, Building Your Hunting Lab – Part 2. Additionally, we'll cover ...
