Updating pfSense and Elastic Stack (ELK) Posts for 6.3.x

Updating pfSense and Elastic Stack (ELK) Posts for 6.3.x

Hi everyone,

I’ve been neglecting this blog a little recently as I’m presently studying for two degrees, which has had me a little distracted. But now it’s the summer break I’ve a little time to play with things. After rebuilding my pfSense recently (due to a hardware change) I discovered that my pfSense and ELK stack tutorials no longer worked as expected for the ELK 6.3.x releases. Apologies, the step from ELK 5.x to ELK 6.x seems to have changed a fair few elements which are not the most intuitive things to work out if you’re following my tutorials verbatim. So, time to fix things!

I’m going through and updating the articles, and have completed updates to the following so far:

https://extelligenceblog.it/2017/07/11/elastic-stack-suricata-idps-and-pfsense-firewall-part-1/

https://extelligenceblog.it/2017/07/14/elastic-stack-suricata-idps-and-pfsense-firewall-part-2-elasticstack-installation-and-config/

The rest will follow shortly (As I rebuild my ELK server)

 

Enjoy!

 

2 Replies to “Updating pfSense and Elastic Stack (ELK) Posts for 6.3.x”

  1. Hi, thankyou so much for documenting this guide Just what i needed for a spinoff in securityland
    I was wondering when you’re updating the other parts iv’e tryed the 2017 tutorials as a follow-up but got stuck with the Geo filter in logstash is it possible that things have changed for the newer versions?

    K.r. Ruben

    1. Hi Ruben,
      I’m glad you have found it of use. Yes – there are some geo changes I’ve spotted when trying spark a new install into life. I’ll try and take a look over the next couple of weeks at parts 3 & 4. I’ve got a University assignment i’m trying to wrap up at the moment which is taking my time.

Leave a Reply

Your email address will not be published. Required fields are marked *