
Tuesday, March 11, 2014

[fireeye] Getting More from Your Event Data, Part I

Overview

If you use one or more of the FireEye Threat Prevention Platforms, you’re already familiar with the wealth of security event data the appliances provide. This information is useful in itself, or even better, in context with event data generated by other tools. Many security information management tools (SIMs) can help correlate data between FireEye and other appliances.
What you might not know is that you can get even more from your FireEye data, thanks to many of the free tools available for download.
I’m a big fan of ElasticSearch and MongoDB, and they play well together. For ElasticSearch users, Kibana is a well-polished dashboard that can present your data in an easy-to-read format that you can act on.
Part I of this blog series explains how to get each of these tools running and receive data from FireEye. Part II, coming soon, explains how to use these tools to get more out of your FireEye data.