Basic procedure for performing a rolling update on Elasticsearch (no X-Pack or ML).
Misc. commands that I've used while building my ElasticStack. This will be an evolving list.
Configuring a three-node cluster to provide increased reliability.
Configuring the ElasticStack to receive log data from F5 ASM.
Configuring the ElasticStack to receive UTM log data from FortiGate firewalls.
Creating a template for an index with the Geo-point data type.
Lessons learned troubleshooting pipelines and working with filter plugins.
Building an ElasticStack implementation as a proof of concept for security log metrics and reporting.
A collection of resources I've found useful while working with the ElasticStack. Many thanks to those who have contributed these resources to the community.