Skip to content

Elasticsearch

Jump to bottom
Martin Willing edited this page Aug 6, 2022 · 4 revisions

Starting Elasticsearch

When starting Elasticsearch for the first time, security features are enabled and configured by default.

[Info] Starting Elasticsearch ...

The password for the elastic user and the enrollment token for Kibana are output to your terminal.
Check out the two minimized PowerShell windows.

Copy the password for the elastic user and the enrollment token.

First-Start-Elasticsearch
Fig 1: Starting Elasticsearch for the first time

[Info] Starting Kibana ...

Click the generated link to open Kibana in your browser and enter the enrollment token, which is valid for 30 minutes.

First-Start-Kibana
Fig 2: Starting Kibana for the first time

Configure-Elastic
Fig 3: Configure Elastic to get started → Paste enrollment token from terminal and click on 'Configure Elastic'

[Info] Importing JSON data to Elasticsearch [approx. 1-5 min] ...

ELK-Import
Fig 4: Please enter your Elastic credentials to start importing JSON data

mp_timeline
Fig 5: Discover MemProcFS Timeline

Dashboards
Fig 6: MemProcFS Dashboards

Happy ELK Hunting!

Last updated: 2022-08-06

Clone this wiki locally