Відео

Road Made very easy .thanks

I tried same steps as shown on the video, everything seems nice and healthy, except when it comes to datastream i have no data received on my elk stack, datastream not even existing, any suggestions please or something I ve missed ?

Thank you so much for your helpful video! I was struggling with this problem for over an hour and couldn't figure it out. Your explanation was very clear and easy to follow. I finally understand how to do it now. I really appreciate you sharing your knowledge.

Can you start a project from scratch by addressing all the DevOps themes?

i have problem to install fleet server

Thank you Ali, really appreciate putting these tuts out. They are of immense help. The image and sound quality just perfect and you voice is easy to follow. FYI, you look like my friend alot, he is also Younes family :) and lives in UAE

Hi, i still not clear with the syslog parsing part, how can logstash parsed the data if you not specify the path? and can i parse the log file?

Why you don't use enrollment token utility for forming a cluster?

Very nice learning video, do you have a video on this for docker container ?

great video as always can you please say what is the requirements for each elastic node you specify?

Спасибо, братик! Помог)

I want to install configure ELK on my Production Server i have 9 server one of them is master server

the master. thank you sir.

Great series so far. Looking forward to the next one.

Thank you very much, keep it up!

Hi ali , appreciate your hard work ,i have learned a lot from you can you please create a video how to collect logs via fleet as well on your current stack,it will be very helpful.

plz rply

plz rply

plz rply

1.[node-1] This node is a fully-formed single-node cluster with cluster UUID [rvYNhRfjRA22gZl45gHf8A], but it is configured as if to discover other nodes and form a multi-node cluster via the [discovery.seed_hosts=[172.27.1qw7.ty, 172.gj7.fg1.gy]] setting. Fully-formed clusters do not attempt to discover other nodes, and nodes with different cluster UUIDs cannot belong to the same cluster. The cluster UUID persists across restarts and can only be changed by deleting the contents of the node's data path(s). Remove the discovery configuration to suppress this message. i got above error while adding node to a existing cluster in version 8 while checking log files 2.ERROR: Failed to determine the health of the cluster. , with exit code 69 when i use below command i got above error /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node

nice one. thank for the knowledge sharing

Thank you for sharing the config. Well Appreciated

Please Continue this great great Course and thank you very much for your efforts

i got below error please rply plz rply plz rply and can you show the yml file of your master node | ERROR: Skipping security auto configuration because this node is configured to bootstrap or to join a multi-node cluster, which is not supported., with exit code 80

[ERROR] 2024-11-21 06:29:06.738 [Converge PipelineAction::Create<main>] agent - Failed to execute action {:action=>LogStash::PipelineAction::Create/pipeline_id:main, :exception=>"LogStash::ConfigurationError", :message=>"Expected one of [ \\t\ \ ], \"#\", \"if\", [A-Za-z0-9_-], '\"', \"'\", \"}\" at line 13, column 1 (byte 103) after output { stdout {} ", :backtrace=>["/usr/share/logstash/logstash-core/lib/logstash/compiler.rb:32:in `compile_imperative'", "org/logstash/execution/AbstractPipelineExt.java:294:in `initialize'", "org/logstash/execution/AbstractPipelineExt.java:227:in `initialize'", "/usr/share/logstash/logstash-core/lib/logstash/java_pipeline.rb:48:in `initialize'", "org/jruby/RubyClass.java:949:in `new'", "/usr/share/logstash/logstash-core/lib/logstash/pipeline_action/create.rb:50:in `execute'", "/usr/share/logstash/logstash-core/lib/logstash/agent.rb:416:in `block in converge_state'"]} [INFO ] 2024-11-21 06:29:06.772 [LogStash::Runner] runner - Logstash shut down.

Fantastic video. I struggled all day with this stuff then I found this video and it solved all my issues

@Ali Younes .. i am able to install the kibana and elsaticsearch by following the steps which you meintioned.But post installation i am not able to access the elasticsearch ui (10.11.12.13:5601) . note : 10.11.12.13 is the sample ip. it is loading for a long time and returning in the web : This page isn’t working 10.11.12.13 didn’t send any data. ERR_EMPTY_RESPONS

Good videos. If I want to forward all types of FortiGate log like UTM(anomaly,app-control,ips, SSL,web-filter,virus),Traffic, etc., then how do I parse all types of log? Can I use the same single filebeat machine to do that? Also, in Elasticsearch, should I need different index for these logs?

doesnt work

sir how can i add node with our self sigh certificate like CA Authoerity certificate which i have generated using elasticsearch ?

this config files are discontinued , dont use this video to install ELK

شكرا علي استفدة منك. لعمل log في الشركة شكرا جزيلا. حبذ. لو. تركزلنا على fortigate. و logstash.

جَزَاكَ اللَّهُ خَيْرًا

Hi, I have watched all your videos, you explain very clearly. I don't know if it is appropriate to go ahead with a question. As you recommended I have a cluster of 3 servers for elastic, Feet Server separate and Kibana also separate. I find it strange that when I shut down one of the servers in the Elasticsearch cluster or simply disable the elasticsearch service, Fleet stops working. I just don't understand. Any suggestions?

Very clear, thank you very much. Greetings from Colombia

Hi Thank you for all your Videos in Elastic, can you make a video on how to Integrate FortiEDR Logs using syslog going to Elastic SIEM? Thank You in Advance: )

Great video. What is the simulation software you are using? It’s amazing

Great Content Thanks a lot for this clear demo.

Keep Going Bro, We Need People like you, humble and ready to share their knowledge ... If possible, to make a series of the 200-301 Volume 1-2 All the Best Ali

where is the elastalert-create-index? it is not found anywhere in the bin folder. 😵

The backup file exported in this way does not export the "config system admin", do you know how I can make this item exported together with the API?

any helps how to add metricbeat as docker to the stack for cluster monitoring?

How can I take data from MySQL db?

hello sir i am getting this issue when i click on fleet "Kibana cannot connect to the Elastic Package Registry, which provides Elastic Agent integrations Ensure the proxy server(opens in a new tab or window) or your own registry(opens in a new tab or window) is configured correctly, or try again later. " how can i resolve this issue ?

i wish there were a like button which can generate tons of likes..i would do that on this video!! you have solve my biggest problem!!thanks a lot boss

Hi Ali, fantastic video - works like a charm. Thx for the effort. I have one or two questions regarding adding additional containers to the docker-compose file. If i add additional containers, i get the following error, validating /home/test/elk/docker-compose.yml: services.logstash Additional property filebeat is not allowed. Can file beat just be added as a separate container instead of adding it to the docker-compose file?

Hi, ca we send log from fortigate directly to logstash/elasticsearch withtout filebeat? I mean, Why do most tutorials always use Filebeat?

i have question about ILM is it possible to create lifecycle policy for index pattern not just an index

Thank you, Ali, for this video, useful one.

Still valid in 2024! Thank you for the help!