How to Use

Start SysmonSearch

Start Elasticsearch, Kibana and StixIoC server:

# Elasticsearch service start
$ $ES_HOME/bin/elasticsearch

# Kibana service start
$ $KIBANA_HOME/bin/kibana

# StixIoC service start
# Actibate venv before execute python
$ cd SysmonSearch/stixioc-import-server/
$ python server.py

If using docker:

Execute docker-compose in SysmonSearch/docker directory:

$ cd SysmonSearch/docker/
$ docker-compose up

---

Access Kibana

Access http://[Kibana Server IP address]:5601/ with a web browser.