ELK

Setting Up ELK

Installing ELK

cd C:\Users\$($env:USERNAME)\Desktop\Breaching-Defenses.com
docker-compose up

Enroll agent

Now that we have setup elk we want to enroll our agents.

Read the token from ELK/token/elastictoken and modify LabSources/CustomRoles/Elastic_agent/HostStart.ps1 line 21 to:

C:\Tools\ELK\elastic-agent\elastic-agent.exe install --insecure -f -url=http://elk.breachdefs.com:28220 --enrollment-token=<TOKEN>;