About me

I am a perfectly normal human being who somehow ended up in IT instead of something like being a chef or professional drummer; the only similarities with IT seem to be long and anti-social hours. Infrastructure architect by day, family architect by night, I often find myself trying to explain complicated concepts and scenarios to management and children – generally with some success – and frequently on the receiving end of the “This is weird, can you investigate?” problems.

This blog will hopefully aid people who find themselves in similar situations, and also serve as a place where I can put things without the risk of losing them down the back of the sofa.

4 Replies to “About me”

  1. Regarding suricata on pfsense, you mention package filebeat beats-6.2.3.txz, but inside that package the folders module and modules.d are missing. They are needed for the 6.2.3 ELK stack, because they can create dashboards in kibana, BUT you didn’t mention anything about modules. Do I need to put the logstash module in filebeat.yml like below, and find those 2 folders in the linux tar.gz package on the elastic site?

    - module: logstash
    filebeat module enable logstash -c config.path

    Why doesn’t the beats package have the folders when the version is the same 6.2.3?

    1. Hi Robin,
      I have now updated the tutorial to take this into account. Luckily the required files are non-binary files and can be extracted from the standard linux .tar.gz Filebeats download. The tutorial now includes steps to extract the required directories, move them to the correct place, enable the module(s) and an update to the filebeat.yml config.

      Hope that helps

