ELK Stack – Installing and Configuring Curator

Posted on November 16, 2017 by robwillisinfo

In this post I am going to quickly cover what is needed to get Curator up and running on the ELK stack. In the last few posts about the ELK stack I covered everything needed to get it installed, configured Continue reading →

ELK Stack – Tips, Tricks and Troubleshooting

Posted on November 9, 2017 by robwillisinfo

This post is going to be a sort of a follow up to my ELK 5 on Ubuntu 16.04 series. I am going to cover some of the lessons I have learned over the last few months of maintaining a Continue reading →

Installing and Configuring VMware vCenter 6.5 (VCSA)

Posted on November 1, 2017 by robwillisinfo

In this third and final part of my VMware series, I go over all of the basics of getting the VMware vCenter 6.5 Server Appliance up and running. Everything that I show in the video can be done with the Continue reading →

Powershell scripts fail when deployed via Group Policy as Startup scripts with Event ID 1055 and 1130

Posted on October 2, 2017 by robwillisinfo

I recently went to deploy a new Powershell based Startup script in my test environment, and while the majority of my Windows machines happily complied, 2 of my test servers that were running Remote Desktop Services did not like the Continue reading →

Exploiting Apache Struts – CVE-2017-9805

Posted on September 15, 2017 by robwillisinfo

CVE-2017-9805 is yet another very legitimate vulnerability in the Apache Struts framework. In the video, I demonstrate how easy it is to run a simple public python script against a vulnerable remote server, ultimately resulting in a reverse shell back Continue reading →

Installing VMware vSphere ESXi 6.5

Posted on July 26, 2017 by robwillisinfo

In this video I go over all of the basics of getting up and running with my favorite hypervisor, VMware vSphere ESXi 6.5. Here is a quick run down of everything covered: Where to install ESXi, hard drive or USB Continue reading →

What is VMware vSphere ESXi and vCenter?

Posted on July 8, 2017 by robwillisinfo

In this video I give a quick break down of some of the key features and differences between VMware vSphere ESXi 6.5 and VMware vCenter 6.5. I also give a quick demonstration of what it looks like when both ESXi Continue reading →

ELK 5: Setting up a Grok filter for IIS Logs

Posted on May 11, 2017 by robwillisinfo

In Pt. 3 of my setting up ELK 5 on Ubuntu 16.04 series, I showed how easy it was to ship IIS logs from a Windows Server 2012 R2 using Filebeat. One thing you may have noticed with that configuration Continue reading →

ELK 5 on Ubuntu 16.04

Posted on April 20, 2017 by robwillisinfo

In this series of posts I am going to cover everything needed to get Elasticsearch, Logstash and Kibana (ELK) up and running on Ubuntu 16.04. In the videos I use the desktop version of Ubuntu, but the process should be Continue reading →

ELK 5 on Ubuntu: Pt. 3 – Installing and Configuring Beats Agents on Windows Clients