UNC CAUSE 2016 has ended
Thursday, October 6 • 11:30am - 12:15pm
Hunting ELK: An Intro to the Elastic Stack

Splunk is amazing...and amazingly expensive. Universities and businesses across the country are leaning on the ELK stack (Elasticsearch, Logstash, Kibana) to do interesting things with log data without maxing out their Splunk licenses.

I'll discuss the basics of the ELK stack, why I found it attractive, how it can scale for basic log aggregation and management, how we pair it with other open source software for incident response, and some of the pitfalls we have seen with our alpha testing.


Kevin Wilcox

Appalachian State University
I am an Information Security Specialist at Appalachian State University with a background in Unix and Linux administration, intrusion detection and network security monitoring. You can find my blog at http://opensecgeek.blogspot.com

Thursday October 6, 2016 11:30am - 12:15pm EDT
North Main Hall E