Видео

Thanks for your message. I put 0 because then I can focus on discussing the hot warm cold cycle. I can produce a other video series on replica sets in the future

Thanks for your message. I put 0 because then I can focus on discussing the hot warm cold cycle. I can produce a other video series on replica sets in the future

@evermightsystems thank you

update on the problem, I discovered that the other one also gives a similar error "message":"Error fetching data for metricset nginx.stubstatus: error fetching status: HTTP error 404 in : 404 Not Found","component":{"binary":"metricbeat","dataset":"elastic_agent.metricbeat","id":"n but I don't remember that during the installation we did previously we had to install any "metricbeat" I installed and configured it using this video ruclips.net/video/OYS0hzPDgp4/видео.html

I don't know if this is really the problem, but the truth is that it identifies it as "healthy" and doesn't pass any logs, the agent installation runs smoothly.I don't know if this is really the problem, but the truth is that it identifies it as "healthy" and doesn't pass any logs, the agent installation runs smoothly.

Thanks for your message, i haven't tried instrumenting a .net app yet. You can send us samples of your code via email and I'll let you know if i see anything obvious. You can contact us through website here: evermight.com/contact, then we can start exchanging emails

If you need assistance you can email us your error logs at evermight.com/contact

This episode includes example of filebeat shipping data to elasticsearch when elasticsearch uses privately signed certificates: ruclips.net/video/_KEsnwFIhDw/видео.html&pp=gAQBiAQB Code available here: github.com/evermight/elk-wordpress-siem/tree/master/beats This episode shows logstash using elasticsearch input when elasticsearch has privately signed TLS ruclips.net/video/KpSxxa4JOGU/видео.html&pp=gAQBiAQB code available here: github.com/evermight/elk-wordpress-siem/tree/master/logstash This members video shows Filebeat, Kafka, Logstash, Elasticsearch all over privately signed tls certs: ruclips.net/video/2vkqm6I2ppw/видео.html

Thanks for your message! I don't yet have enough experience to speak To azure and Microsoft environments. Apologies for that, but I hope your research goes well

@@evermightsystems I have tried it all the weekend without result due to an error regarding vm.max_map_count where Elasticsearch has min value 262144, and you cannot change it on Azure Container Instance or Azure Container Apps. Did you manage to install ELKF with Kubernetes?

@@STAM2302 I have a couple of DRAFT videos in my paid members area and they are: Kubernetes + Elastic Cluster with 3 nodes and kibana: ruclips.net/video/aCAjuoXd6rA/видео.html Kubernetes + Elastic + Kibana + APM: ruclips.net/video/iSk-3yG-WzY/видео.html These videos are draft because I don't do a "deep-dive" explanation. INstead, I do a demonstration / quickstart start walk-through, show the code I used, and give a link to download the code I used. Once I have time to fully kick the tires on these Kubernetes + Elastic, I will publish a free video along with the deep-dive explanation. These were done on Ubuntu 22.04, i didn't try it in a windows, microsoft or azure environment Maybe these can be helpful to you?

Added to our task list!

Can you please tell me when you can make it?

I think it would be at least several months away before we start this

Maybe you're referring to using let's encrypt certificates with the transport protocol? If that is the case, we strongly discourage this approach. In our elastic search cluster video, we explain that CA root certificates are used for authentication. If you use a public CA, then your root ca certificate is well known to the entire world, which allows anyone and everyone to join your cluster like an open door. But if you still wish to use this approach we show how this is done in this paid membership video ruclips.net/video/X9R7ocI2mWs/видео.htmlsi=hi66u98KGItj994B This paid membership video does not use docker, but you can easily just bind mount your publicly signed certificates to the transport parameters in your docker compose file

@@evermightsystemsI am actually trying to use the Let’s Encrypt on the http and self signed on the transport. How do I configure the docker-compose file for this?

This original video on elastic cluster uses Let's Encrypt for HTTP and the original elastic autogenerated/self-signed p12 certs on transprot protocol: ruclips.net/video/TfhcJXdNSdI/видео.html (written summary here: elasticsearch.evermight.com/setup-elasticsearch-cluster/) Then in this playlist,: ruclips.net/p/PLPatHYWw1RVv7_AamUYTZMZ3iN-T7QBmY you should see 4 different videos on 4 completely different ways to create TLS certs for the transport protocol, of which 3 of them are self-signed/private CA and 1 of them is using Let's Encrypt. They all start with the title "Elasticsearch - Transport TLS" . So you can pick the self-signed approach most suitable to you. Note that in all the videos mention in this comment, they are NOT using docker. However, the properties I modified i nthe video are exactly the same properties you need to modify in exactly the same way in a docker-compose file. Hopefully that helps?

If you are still runnig into issues, you can email us the errors you're getting via our website evermight.com/contact

@@evermightsystems I watched both of these but for some reason I cannot get the docker-compose configured for a multi node configuration.

OK added to task list, but might be a while before we can get to it!

Thanks for your message! The process would be different depending on which web server you are using. For example, most of our other videos show how this is done for various parts of the ELK framework (kibana, elasticsearch, Logstash, fleet server, docker, etc...). And for web developers, they could be using Apache, nginx, nodejs express, go http, etc... So it depends on which application you are using

Alright, I have a DRAFT version of PHP + APM video here: ruclips.net/video/u0r23mng8wQ/видео.html . And I have a DRAFT version of Laravel + APM video here: ruclips.net/video/QHOTH7rZn40/видео.html. I feel I covered maybe 70% to 80% of what most PHP developers need to know. Once I figure out a few more minor details, I will publish a more thorough video series on PHP+Laravel+APM.

@@evermightsystems it seems members only. how to be a member? thank you for your support and wish you all the best creating new contents everyday.

There is a Join button on each video that will let you be a member. THere is a monthly fee, but you can cancel at any time. Or you can wait until I create the final version which I plan to release for free. But that might take at least a month because I have to finish a few other videos first as well as our other client project deadlines. Thanks!

@@evermightsystems thank man. appreciate your support

@@evermightsystems maybe i dont see the join button because the content is not for my region i guess.

Glad to hear you made some progress. Regarding any of the es node being down, just double check you're not experiencing something related to the split brain effect. If any issues, you can schedule a call with us and we can figure it out together evermight.com/contact

Thanks for your message. Can you clarify...did you mean "simple method" instead of "simole method"? If so, I think the `elasticsearch-certutil` approach is the most simple, which is exactly what is used in the `setup` service of the docker-compose file.

Thank you very much for your support!

Thanks for your message preet, I don't recall if i experienced this issue, sorry unabel to assist with this at this point. But if you discover the solution, let us all know!

but also failed sudo command get logged towards auth.log, so amybe check there?

Thanks for the reply.. Your video is very useful. Okay I will check the elk documents and find the right answer.

I have one more question. How do I check user login history ?

I think it could work. I have been wanting to try out the IMAP input plugin for Logstash as documented here: www.elastic.co/guide/en/logstash/current/plugins-inputs-imap.html . And maybe I might need a ruby filter as well to write some ruby code to target specific attachments. Just haven't gotten around to it yet. If you have success, let us know!

ruclips.net/video/KpSxxa4JOGU/видео.htmlsi=9OyFwfgDb8-HTCq7 this episode from or WordPress SIEM with ELK series does a few demonstrations of this . We capture many types of alerts in an index , then we use Logstash to read the indices and relay the information to Email/STMP servers. Not sure if that's what you meant? If any other questions, send us an email via HTTPS://evermight.com/contact. RUclips doesn't notify us of new comments sometimes.

Thanks for your message. I have not encountered this error before. If you need to schedule a collaborative work session with us , you can do so through our website: evermight.com/contact

I haven't done it before, but according to this documentation, for test purposes you can do this: www.elastic.co/guide/en/elasticsearch/reference/current/docker.html You just need to set envrionment variable ES_JAVA_OPTS in your docker compose with the appropriate parameters. For a production-like use case, you can follow these instructions: www.elastic.co/guide/en/elasticsearch/reference/current/advanced-configuration.html#set-jvm-options Meaning you bind mount the directory /usr/share/elasticsearch/config/jvm.options.d/ through tyour docker-compose settings. THen you can add any options to the jvm.options.d directory Hopefully that works! if you ned more assistance, just contact us through our website to schedule an online collaborative session evermight.com/contact

@@evermightsystems Sure, I added to the docker-compose.yml configuration below enviroments, but also you need to give more RAM to elasticsearch in the .env configuration also. Thanks!

Use the docker service name of the container

I don't know the answer to this question! Normally you would have many nodes in a cluster so that when some our unavailable, you would have other master nodes take over. The only time when all nodes are unavailable is if you intentionally shutdwn the whole cluster, and in such an event, you would carefully take note of which were the last master nodes during your shutdown process.

You should look in the /var/logs/kibana/kibana.log file to see what the specific issue is. If you run into trouble, use the contact us form in our website to schedule a meeting with us and we'll try to fix

Thanks for your message. You should check to see if you are referencing the CA cert correctly. If you need assistance you can schedule a call with us through our contact us page on our website evermight.com/contact

It's been a while since I recorded this so I apologize if errors. As if today the /use/share/filebeat/bin/filebeat setup [...options...] Will set up your data views, data streams, dashboards etc.... every time your run the command, it will "reset" all those settings. So you should run it only once unless you are intent in resetting things!

@@evermightsystems ok, thank you! Do you know if there is a way to not setup the dashboards though? I tried the setting setup.dashboards.enabled: false but dashboards still seem to be loading in