日常使用中的一些经验，给使用ES的筒子们一些建议，如有错误，请多多包含..
 
































 

1. 安全播报：超过5000个kibana实例裸奔在互联网 http://t.cn/R9JLxE9
你的kibana也在裸奔吗？戳这里
 
 2. string类型已死，字符串永生 http://t.cn/R9xxGwq
还在疑惑ES5为什么移除了string类型？这里有你想要的答案。

3. 机器学习与日志分析 http://t.cn/R9xxJtU
不要被潮流淘汰：人工分析日志是徒劳的，机器学习是日志分析的趋势，玩转日志分析和机器学习。

4. 另类玩法：用Elasticsearch和Grafana分析你的GitHub项目 http://t.cn/R9xXkZE
想快速直观炫酷的了解自己的github project，这篇文章教你新姿势。

编辑：金桥

归档：https://elasticsearch.cn/article/207
订阅：https://tinyletter.com/elastic-daily

消息来自：https://medium.com/%40SergiuSe ... 4af48
因为这个网址不存在，所以搬过来大家一起看看，请自查自家服务器是不是快乐的在裸奔，嘿，要管管了啊。
试试：
https://www.zoomeye.org/search ... Dhost 
https://www.shodan.io/search?query=kibana​ 
 

Over 5,000 Kibana instances exposed on the internet

I’m not a big fan of writing articles so I’ll keep it short… I was using Shodan.io recently for research purposes and while searching for different devices I came across 5,591 Kibana instances exposed over the internet. A significant number of those instances didn’t use any authentication mechanisms and several had +100 million log events recorded.

The query syntax that I used was the following: kibana port:”5601".


 
Risk: Kibana is deployed alone or together with Elasticsearch and Logstash (the ELK Stack) for log management purposes and it gained notoriety in the last couple of years as an open source alternative to more expensive commercial solutions. Log management solutions usually contain sensitive info and should not be exposed over the internet… (people who are familiar with information security know what I’m talking about).

Solution: For all the entities affected please refer to the following link and enable authentication on your Kibana implementations: https://www.elastic.co/guide/e ... .html


 
去年的大规模勒索事件，大家应该还记得吧，什么，ES你也裸奔着，你。。。