
How To Use The Elastic Stack as a SIEM - John Hubbard
A talk I gave at the Philly Security Shell meetup 2019-02-21 on how the Elastic Stack works and how you can use it for indexing and searching security logs.
Tools I mentioned:
GitHub repo with script and demo data - github.com/SecHubb/SecShell_Demo
Cerebro - github.com/lmenezes/cerebro
Elastalert - github.com/Yelp/elastalert
===
For info on my SANS teaching schedule visit: www.sans.org/instructors/john-hubbard
Twitter: twitter.com/SecHubb
My SANS Courses:
SEC450 - Blue Team Fundamentals: sans.org/sec450
MGT551 - Building and Leading Security Operations Centers: sans.org/mgt551
Blueprint Podcast: sans.org/blueprint-podcast