Index

  • Homelab Security Monitoring
    • Introduction
    • Lab setup
    • Requirements
    • What will be collected?
    • Log Data Flow
  • Humio introduction
    • Humio log ingestion
    • Humio overview diagram
  • Log forwarding introduction
    • How Beats shipper works
    • Typical Beats config for Humio
    • Parsers
      • Accesslog parser example
    • Ingest token creation
  • Logging - Linux
    • Important logs
    • Creating ingest token
    • Installing Filebeat
    • Configuring Filebeat
    • Shipping to Humio
    • Viewing the events in Humio
  • Logging - Windows
    • Important logs
    • Process and PowerShell logs
    • Sysmon
    • Creating ingest token
    • Installing Winlogbeat
    • Configuring Winlogbeat
    • Shipping to Humio
    • Viewing the events
  • Network - Network Monitoring
  • Network - Suricata
    • Installing Suricata
    • Configuring Suricata
    • Suricata logs
    • Shipping logs
    • Viewing the events in Humio
  • Network - Zeek
    • Installing Zeek
    • Configuring Zeek
    • Zeek logs
    • Shipping logs
    • Viewing the events in Humio
  • Logstash
  • Humio ingest API
  • Humio queries and dashboards
  • Opsgenie introduction
  • Alerting with Humio and Opsgenie
    • Humio Email Alerts
  • Automation and enrichment
  • Alternatives