Using Elasticsearch and Kibana to Investigate Suspicious Linux Activity with Sandfly

Date: May 27, 2020
Author: The Sandfly Security Team

In this video we’re going to show you how to use Sandfly with Elasticsearch and Kibana dashboards to search for and investigate a suspicious process on Linux.

We’ll go over Sandfly’s agentless collection of Linux operating system, security and intrusion detection data. Then we’ll use this information to investigate a rogue network sniffer started by mysterious user X.

Sandfly can easily send data into Elasticsearch (and Splunk) to help detect and investigate breaches. Best of all, we do it without loading any agents on your Linux endpoints. Stay tuned for more videos showing these capabilities.
