This is a collection of examples to help you get familiar with the Elastic Stack and X-Pack. Each example folder includes a README with detailed instructions for getting up and running with the particular example. The following information pertains to the examples repo as a whole.
You have a few options to get started with the examples:
- If you want to try them all, you can download the entire repo. Or, if you are familiar with Git, you can clone the repo. Then, simply follow the instructions in the individual README of the examples you're interested in to get started.
- If you are only interested in a specific example or two, you can download the contents of just those examples (instructions in the individual READMEs).
Below is the list of examples available in this repo:
- NGINX - JSON
- NGINX - common format
- NGINX Plus - JSON
- Apache access logs
- Simple recipe search app in PHP
Examples using the Elastic Stack for analyzing public datasets:
- DonorsChoose.org donations
- NCEDC earthquakes data
- NYC traffic accidents
- US FEC campaign contributions
- CDC health behavior survey
- NYC restaurant health grades
X-Pack lets you set up watches (or rules) to detect and alert on changes in your Elasticsearch data. Below is a list of example watches that are configured to detect and alert on a few common scenarios:
- High I/O wait on CPU
- Critical error in logs
- High filesystem usage
- Lateral movement in user communication
- New process started on hosts
- Port scan detected
- Interrupted log flow from hosts
- Trending hashtag on Twitter
- Unexpected account activity
- Detecting DNS tunnels
- Watch history dashboard
- [Exploring attack vectors in Apache logs using Graph](https://github.com/elastic/examples/tree/master/ElasticStack_graph_apache)