Author

Articles by Andrew Kroh

Software Engineer, Elastic

Andrew is one of the core developers on the Beats project at Elastic. Before joining Elastic, he spent eight years working as a software engineer at The Boeing Company.

Videos

Elastic Stack 8.0.0-rc1 released

We’d like to announce the first release candidate of the Elastic Stack 8.0.0 and the continuation of the Pioneer Program. Give it a try and please share all the bugs you find on GitHub.

By
Andrew Kroh
Videos

Introducing Auditbeat: Ship Linux Audit Logs to Elasticsearch and More

Auditbeat is a new Beat in 6.0. It audits the activities of users and processes. It collects Linux audit logs (similar to auditd) and monitors file integrity.

By
Andrew Kroh
Videos

Monitoring Container Resource Usage with Metricbeat

Using Metricbeat to collect container metrics using Linux cgroups.

By
Andrew Kroh
Videos

Monitoring Windows Logons with Winlogbeat

How to use the Winlogbeat and Kibana to visualize logon events from Windows event logs.

By
Andrew Kroh
Videos

Detecting DNS Tunnels with Packetbeat and Watcher

Using Packetbeat with Elasticsearch and Watcher to detect DNS tunnels.

By
Andrew Kroh

Sign up for Elastic Cloud free trial

Spin up a fully loaded deployment on the cloud provider you choose. As the company behind Elasticsearch, we bring our features and support to your Elastic clusters in the cloud.

Start free trial