alienrest.blogg.se

Filebeats cpu overhead








Now just copy the file over to the PI using ssh and test it there: Remember we are on amd64 not arm64 on the laptop! Magic, in a few seconds, you have a “filebeat” binary in this directory!

filebeat: ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), statically linked, Go BuildID=svVi8LJGhqXEjRJveTrA/7cOYouMPn1VzyeJqwq3W/TXZ3DZ8Wa_QYdKnsR8cm/8bg35yoawYw18mAJ30oX, not stripped

You could also get the sources with “go get” but that doesn’t matter, the result is the same.

Flags just to see what’s happening, as go build is very silent otherwise.


Step one on the other Debian-based system, the laptop, you need of course also Go installed. And that’s so easy that I have to tell the world, because the other recipes are sometimes too specific and parts are missing for a full running manual installation, which is more than just the filebeats binary. So that didn’t work unfortunately on that little pal.

But because Go is so cool, I just “cross-compiled” it on a bigger laptop, also running Kali Linux. I have to say, Go is marvelous! On the PI itself, I had bad luck, because the “go build” quickly finished with out-of-memory.


After trying some other paths I came across some recipes to install Beats on arm64 by manually compiling the binary with Go. Problem: Elastic does, unfortunately, despite desperate inquiries from users in the forums, not provide binaries or a. So not using syslog-ng or rsyslog but the best log shipper for the elastic stack, and that is Beats, better the Filebeats. But I need a modern way to transport the logs to its log monitoring station.


So I have Bro and Suricata installed on that little guy running Kali Linux for arm64. Currently I’m experimenting with using a Raspberry PI 3 B+ as a network security monitoring (NSM) sensor node.







