I'm a Cybersecurity Solution Architect helping my customers deploy a SOC (Security Operations Center), including SIEM and monitoring systems, using the Elastic Stack.
I can help you with the following:
✅ Administration of ELK Stack. Cluster setup, installations, Authentication, and Securing with certificates.
✅ Elasticsearch Multi-Tier Architecture with ILM and Searchable snapshots.
✅ Deploy on AWS or on-Prem, Deploy using Docker, Kubernetes, ECE, ECK, or any Linux, macOS, or Windows machine.
✅ Index Lifecycle Management (ILM) and data retention policies for Elasticsearch indices.
✅ Creating Kibana dashboards and visualizations.
✅ Logstash data processing and Pipeline management.
✅ Logstash Advanced Filters and Grokking logs.
✅ Monitoring and Observability using Beats, Elastic Agent/Fleet, APM, and RUM.
✅ Elastic Security for SIEM & security analytics.
✅ Integrate your IDS/IPS/Firewall with the ELK stack for alerting and anomaly detection.
✅ I have already integrated these products with ELK: Sophos, Fortinet, Cisco IOS/ASA, NetFlow, Snort, Zeek, Apache, Nginx, Symantec Endpoint Protection, Suricata, Arkime, pfSense, Kafka, MySQL.
✅ Move and Sync your SQL databases to Elasticsearch.
✅ Installation and configuration of Nagios Core for monitoring.