Difference between revisions of "KHIKA User Guide"

From khika
(Index)
(Index)
Line 60: Line 60:
 
::[[KHIKA Visualizations#Goal|Goal]]
 
::[[KHIKA Visualizations#Goal|Goal]]
 
::[[KHIKA Visualizations#Metric|Metric]]
 
::[[KHIKA Visualizations#Metric|Metric]]
 +
 +
<br/><br/>
 +
[[KHIKA Dashboards]]
 +
:[[KHIKA Dashboards#Introduction|Introduction]]
 +
:[[KHIKA Dashboards#Creating a Dashboard|Creating a Dashboard]]
 +
:[[KHIKA Dashboards#Editing Elements on a Dashboard|Editing Elements on a Dashboard]]
 +
:[[KHIKA Dashboards#Viewing Visualization data on Dashboard|Viewing Visualization data on Dashboard]]
 +
:[[KHIKA Dashboards#Searching / Filtering data on the dashboard|Searching / Filtering data on the dashboard]]
 +
::[[KHIKA Dashboards#Steps for Adding a Filter on a Dashboard|Steps for Adding a Filter on a Dashboard]]
 +
::[[KHIKA Dashboards#Steps to Search and Save on a Dashboard|Steps to Search and Save on a Dashboard]]
 +
 +
<br/><br/>
 +
[[KHIKA Reports]]
 +
:[[KHIKA Reports#Introduction|Introduction]]
 +
:[[KHIKA Reports#Adding a Report|Adding a Report]]
 +
:[[KHIKA Reports#Scheduling Reports|Scheduling Reports]]
 +
:[[KHIKA Reports#Generating KHIKA Report Manually|Generating KHIKA Report Manually]]
 +
:[[KHIKA Reports#Report History|Report History]]
 +
:[[KHIKA Reports#Downloading a Report|Downloading a Report]]
 +
 +
<br/><br/>
 +
[[KHIKA Alerts & Correlations]]
 +
:[[KHIKA Alerts & Correlations#Introduction|Introduction]]
 +
:[[KHIKA Alerts & Correlations#Alert Dashboard|Alert Dashboard]]
 +
::[[KHIKA Alerts & Correlations#Creating your own Alerts in KHIKA|Creating your own Alerts in KHIKA]]
 +
::[[KHIKA Alerts & Correlations#Before creating an alert :|Before creating an alert :]]
 +
::[[KHIKA Alerts & Correlations#Creating a Simple Alert: Logon Failure on Windows|Creating a Simple Alert: Logon Failure on Windows]]
 +
::[[KHIKA Alerts & Correlations#Slightly Advanced Alert: Multiple Logon failure on Windows for the same user|Slightly Advanced Alert: Multiple Logon failure on Windows for the same user]]
 +
::[[KHIKA Alerts & Correlations#More Advanced Alert: 10 or more unique network connections for a windows host within 1 minute|More Advanced Alert: 10 or more unique network connections for a windows host within 1 minute]]
 +
::[[KHIKA Alerts & Correlations#Advanced Alert: A successful brute-force attack|Advanced Alert: A successful brute-force attack]]
 +
:[[KHIKA Alerts & Correlations#Alert emails for Stakeholders|Alert emails for Stakeholders]]
 +
  
  
  
 
Refer the next section for [[Accessing the KHIKA Gui]]
 
Refer the next section for [[Accessing the KHIKA Gui]]
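Review bot: In the added Alerts & Correlations block, `Creating your own Alerts in KHIKA` sits at the same `::` depth as `Before creating an alert :` and the four alert walkthroughs, all under `Alert Dashboard`, so the index lists the alert-building steps as siblings of their parent topic rather than as its children. If the target page nests them, put the parent at `:` and the steps at `::`. The section link `#Before creating an alert :` also carries a space and a trailing colon in its fragment, which resolves only if the heading on the target page is spelled identically, so confirm the link after saving or rename the heading without the colon. The label ending `for a windows host within 1 minute` uses lowercase "windows" while the two entries above it use "Windows".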

Revision as of 08:50, 17 June 2019

Index



Accessing the KHIKA Gui

Login
Change the password
Creating a User Group
Creating a Workspace
Creating a new User
Access Control in KHIKA



Getting Data into KHIKA

Introduction
Data Flow and Components in KHIKA
KHIKA Apps
Importing an Application
Exporting an Application
Server monitoring in KHIKA using OSSEC
Installing OSSEC Agent for Linux
Installing OSSEC Agent for Windows
Configuring OSSEC Adapter in KHIKA
Adding the device in the Adaptor
Extract key from KHIKA OSSEC Server
Insert unique OSSEC key in Linux OSSEC Agent
Insert unique OSSEC key in Windows OSSEC Agent
Reload Configuration
Verifying OSSEC data collection
Troubleshooting
Monitoring in KHIKA using Syslog forwarding



Discover or Search Data in KHIKA

Introduction
Index Pattern
Setting the Time Filter
Searching Your Data
Lucene Query Syntax
Saving and Opening Searches
Changing the Index
Refreshing the Search Results
Filtering by Field
Managing Filters
Viewing Document Data



KHIKA Visualizations

What is a KHIKA Visualization?
Creating a Visualization
Examples of Visualization
Area Chart
Heat Map
Horizontal and Vertical Bar Chart
Line chart
Pie Chart
Data Table
Gauge
Goal
Metric



KHIKA Dashboards

Introduction
Creating a Dashboard
Editing Elements on a Dashboard
Viewing Visualization data on Dashboard
Searching / Filtering data on the dashboard
Steps for Adding a Filter on a Dashboard
Steps to Search and Save on a Dashboard



KHIKA Reports

Introduction
Adding a Report
Scheduling Reports
Generating KHIKA Report Manually
Report History
Downloading a Report



KHIKA Alerts & Correlations

Introduction
Alert Dashboard
Creating your own Alerts in KHIKA
Before creating an alert :
Creating a Simple Alert: Logon Failure on Windows
Slightly Advanced Alert: Multiple Logon failure on Windows for the same user
More Advanced Alert: 10 or more unique network connections for a windows host within 1 minute
Advanced Alert: A successful brute-force attack
Alert emails for Stakeholders



Refer to the next section for Accessing the KHIKA Gui