Collecting & analysing Windows event logs with Winlogbeat & ELK

Thanks mate! I am currently working on my Bachelor thesis, where I am using Security Onion in a test lab / virtual environment and running some Red Canary Atomic Tests against it.
Your channel is vastly underrated! There are not many good video step by step tutorials out there when it comes to Security Onion!
So yeah, thanks again mate! 🙏

Damn, thanks for remembering me what actual video quality looks like!

Your videos are really awesome, highly useful, easy to understand and practical.

Loving the videos man please keep it rolling!

Top tier videos. Thank you for creating this content.

Thanks!! You helped be find a problem I had with forwarding to SO, I'll be looking more ar your resources.

amazing video, congrats, I came here trying to find a way to create default dashboards

Thanks mate!

I do like you enthusiasm. Well done. Carry on. Myself looking at those videos as a beginer security ethusiats, more simplistic approach are welsom for upcoming videos. thanks.

Awesome Thank you

Great!!!

Thank you for this. I was struggling to get it working and it turns out I just missed a couple comment settings in the .yml. Your video solved it for me!

Awesome video Andy! There are so many videos out there consist of high-level but ultimately un-actionable information / buzz words, meanwhile you deliver concrete actionable information. Super high-value content (which is so hard to find).
Would you be into doing a video pushing DFIR agents (something like Velociraptor)?

Hi dud its really a nice video

Good Stuff! Would love to hear more about your hardware setup to host vms

I'm trying the GPO part, but I have to reboot each computer in order to get it to work. I get an error message in Even Viewer saying that the GPO failed to apply because the service wasn't an installed service. I know it's a year later but I'm hoping you can help me out! Great video!!

Were you able to run logstash on eval mode? I cannot enable it.