Setup Elk for visualisation(kibana), as well as to recieve messages from different machines

[prakharguptaujjain]

Issue - #204

I have not added Elk packages to auto-download in Docker files yet.
Added code according to template

ALL TESTS PASSING

[eldraco]

Hi @prakharguptaujjain . Thanks for your wokr on the ELK module.
We have been reviewing it.

the main issue is that we don't want Slips to run ELK in the endpoint. We would like Slips to send alerts logs to a remote ELK.

The confusion came because we had this task as an 'internal' task, and then I decided to publish it here.

So, the module should export alerts remotely to an ELK that is already running in some service.
However we would need some instructions in the readme of the module on how to setup elk in case the people needs it.

Do you think you can do the changes so we can move forward with this?
thanks

[prakharguptaujjain]

Yes I can work on that, so I need a README instruction for people who want to setup and enable remote sending of logs

[eldraco]

Hi @prakharguptaujjain yes, exactly.
1- A readme with simple instructions on how to run ELK (probably a docker is fine)
2- code to make slips send there and what slips needs (remote, IP, port, user, pass)
please put the data needed from slips in the slips.conf file

[AnonymityAdvoc8]

Hi @eldraco,

I've notice this hasn't been worked on in a while. I can continue working on it. I would implement filebeat and allow users to send the logs to which ever ELK stack the want.