I have an Elasticsearch 7.1 and i have configure filebeat to collect all log. I want to check if i have password in log.
So anyone have an idea how can i find all password in log using filebeat.
Thank you
Asked
Active
Viewed 81 times
1 Answers
0
You'll have to query your data in some Elasticsearch Indices using the REST API of Elasticsearch and/or make use of a frontend like Kibana shipping with it's own set of query languages.
What Indices your data is stored in and how this looks depends entirely on your setup.
- Filebeat only collects the data.
- Elasticsearch stores the data.
- You'll also have to know what password you're looking for or know the pattern of the log lines in question of a program that writes password to a log
- You did not mention any data shipper (like Logstash)
Beko Pharm
- 306
- 1
- 6