Elasticsearch
You know, for search (and analysis)
Troubleshoot
Quick cluster health check via the REST API:
export ENDPOINT=localhost:9200
curl -X GET "$ENDPOINT/_cluster/health?wait_for_status=yellow&timeout=50s&pretty"
curl -X GET "$ENDPOINT/_cluster/stats?human&pretty"
curl -X GET "$ENDPOINT/_cluster/pending_tasks"
curl -X GET "$ENDPOINT/_nodes"
curl -X GET "$ENDPOINT/_nodes/stats"
curl -X GET "$ENDPOINT/_cluster/settings?include_defaults=true&flat_settings=true"
Elasticsearch Interfaces
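The commands above only dump JSON; in a triage script you usually want a one-line summary and an exit code you can act on (green/yellow/red). The script below is an added example, not part of this page's original cheatsheet: it parses the top-level scalar fields of a `_cluster/health` response with plain `sed` (no `jq` dependency), summarizes the fields that matter most during an outage (status, unassigned shards, pending tasks), and maps the status to an exit code. The `SAMPLE_HEALTH` document is a constructed response shaped like the real `_cluster/health?pretty` output, not captured from a live cluster; `fetch_health` assumes the same `ENDPOINT` convention as the commands above and needs a reachable cluster. Note that with `wait_for_status=yellow&timeout=50s`, a cluster that never reaches yellow still answers after the timeout with `"timed_out" : true` and its current status, so checking the status field (as this script does) rather than only the HTTP result is what tells you whether it is actually healthy.

```shell
#!/bin/sh
# Constructed sample: same shape as GET /_cluster/health?pretty, not from a real cluster.
SAMPLE_HEALTH='{
  "cluster_name" : "example-cluster",
  "status" : "yellow",
  "timed_out" : false,
  "number_of_nodes" : 1,
  "number_of_data_nodes" : 1,
  "active_primary_shards" : 5,
  "active_shards" : 5,
  "relocating_shards" : 0,
  "initializing_shards" : 0,
  "unassigned_shards" : 5,
  "delayed_unassigned_shards" : 0,
  "number_of_pending_tasks" : 0,
  "number_of_in_flight_fetch" : 0,
  "task_max_waiting_in_queue_millis" : 0,
  "active_shards_percent_as_number" : 50.0
}'

# health_field JSON KEY: print the value of a top-level scalar key (quotes stripped).
# Only handles the one-key-per-line pretty-printed form; nested objects are not needed here.
health_field() {
  printf '%s\n' "$1" \
    | sed -n "s/^[[:space:]]*\"$2\"[[:space:]]*:[[:space:]]*\([^,]*\),\{0,1\}[[:space:]]*$/\1/p" \
    | tr -d '"'
}

# health_exit_code JSON: 0 = green, 1 = yellow, 2 = red, 3 = status missing/unparseable.
health_exit_code() {
  case "$(health_field "$1" status)" in
    green)  return 0 ;;
    yellow) return 1 ;;
    red)    return 2 ;;
    *)      return 3 ;;
  esac
}

# health_summary JSON: one-line summary on stdout, exit status from health_exit_code.
health_summary() {
  name=$(health_field "$1" cluster_name)
  status=$(health_field "$1" status)
  unassigned=$(health_field "$1" unassigned_shards)
  pending=$(health_field "$1" number_of_pending_tasks)
  printf 'cluster=%s status=%s unassigned_shards=%s pending_tasks=%s\n' \
    "$name" "$status" "$unassigned" "$pending"
  health_exit_code "$1"
}

# fetch_health ENDPOINT: query a live cluster (assumed reachable, e.g. localhost:9200).
# Usage against a real cluster:  health_summary "$(fetch_health "$ENDPOINT")"; echo "rc=$?"
fetch_health() {
  curl -s -X GET "$1/_cluster/health?pretty"
}
```

The exit-code mapping is what makes this usable from a cron job or an alerting hook: treat `2` (red, primary shards missing) as page-worthy, `1` (yellow, replicas unassigned) as a warning, and `3` as "the endpoint answered with something that is not a health document", which on its own is worth investigating.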
WebUI:
- kibana
- cerebro
- elasticsearch-head
- elastic-hq
SIEM extensions
- Elasticsearch Security
- Zeek
- Wazuh
- HELK
- Dsiem
- S1EM
- Pfelk
- SIAC