ELK Stack and Metricbeat.

Stealthychu

Commendable
Jul 30, 2017
11
0
1,510
I currently have a network and i wish to set up an ELK Stack on it to gather different types of information from clients.

I have successfully installed the ELK Stack and can connect to the kibana dashboard from a client device with no problems.

I am now looking to install Metricbeats to start gather metrics from the client but i am un-sure as to whether I install Metricbeats on the client device or server device running the ELK stack?


From what i've read it seems you install it on the ELK server but i am unsure how doing that would gather information from the client and send it back to kibana?


Both devices are running Ubuntu 18.04.

Thanks, for any help provided.
 
That's going to be something on the client that helps gather and send logs to logstash. Your ELK deployment should be locked down pretty tight. If that gets infected it's not going to be helpful. Security Onion might be worth looking into as well.