{"id":3517,"date":"2019-07-04T21:38:35","date_gmt":"2019-07-04T18:38:35","guid":{"rendered":"https:\/\/kifarunix.com\/?p=3517"},"modified":"2019-07-04T21:38:36","modified_gmt":"2019-07-04T18:38:36","slug":"install-and-configure-elastic-auditbeat-on-ubuntu-18-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/install-and-configure-elastic-auditbeat-on-ubuntu-18-04\/","title":{"rendered":"Install and Configure Elastic Auditbeat on Ubuntu 18.04"},"content":{"rendered":"\n<p>In this guide, we are going to learn how to install and configure Elastic <a rel=\"noreferrer noopener\" aria-label=\"Auditbeat (opens in a new tab)\" href=\"https:\/\/www.elastic.co\/guide\/en\/beats\/auditbeat\/current\/auditbeat-overview.html\" target=\"_blank\">Auditbeat<\/a> on Ubuntu 18.04. Auditbeat is a lightweight data shipper that is used to collect audit events for users and system processes. It can also be used to detect changes to critical files, like binaries and configuration files, and identify potential security policy violations.<\/p>\n\n\n\n<p>Auditbeat is an Elastic Beat and hence, in order to use it, you need to install Elastic stack. See our guide on how to install Elastic Stack 7 on Ubuntu 18.04 below;<\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-elastic-stack-7-on-ubuntu-18-04-debian-9-8\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Install Elastic Stack 7 on Ubuntu 18.04\/Debian 9.8<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Install and Configure Elastic Auditbeat on Ubuntu 18.04<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Install Auditbeat on Ubuntu 18.04<\/h3>\n\n\n\n<p>Auditbeat can be install from Elastic Repos or directly using the DEB binary.<\/p>\n\n\n\n<p>To install from Elastic repos;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Import the PGP repo signing key<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>wget -qO - https:\/\/artifacts.elastic.co\/GPG-KEY-elasticsearch | sudo apt-key add -<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Create the Elastic repo.<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install apt-transport-https\necho \"deb https:\/\/artifacts.elastic.co\/packages\/7.x\/apt stable main\" | sudo tee -a \/etc\/apt\/sources.list.d\/elastic-7.x.list<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Run system update<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt update<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Install Auditbeat on Ubuntu 18.04<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install auditbeat<\/code><\/pre>\n\n\n\n<p>To install Auditbeat using DEB Binary;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Download the binary installer<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install curl\ncurl -L -O https:\/\/artifacts.elastic.co\/downloads\/beats\/auditbeat\/auditbeat-7.2.0-amd64.deb<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\"><li>Install Auditbeat<\/li><\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install .\/auditbeat-7.2.0-amd64.deb<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Configure Auditbeat on Ubuntu 18.04<\/h3>\n\n\n\n<h4 class=\"wp-block-heading\">Configure Auditbeat Modules<\/h4>\n\n\n\n<p>Auditbeat supports different modules including;<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>System modules which collects various security related information about a system.<\/li><li>Audit module which collect system audit events.<\/li><li>File integrity module which collects system file changes that contain metadata and hashes.<\/li><\/ul>\n\n\n\n<p>The default configuration file for Auditbeat is <strong>\/etc\/auditbeat\/auditbeat.yml<\/strong>.<\/p>\n\n\n\n<p>In this example, we are going to run Auditbeat with the default module configurations.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>...\nauditbeat.modules:\n- module: auditd\n  audit_rule_files: [ '${path.config}\/audit.rules.d\/*.conf' ]\n  audit_rules: |\n- module: file_integrity\n  paths:\n  - \/bin\n  - \/usr\/bin\n  - \/sbin\n  - \/usr\/sbin\n  - \/etc\n- module: system\n  datasets:\n    - host    # General host information, e.g. uptime, IPs\n    - login   # User logins, logouts, and system boots.\n    - package # Installed, updated, and removed packages\n    - process # Started and stopped processes\n    - socket  # Opened and closed sockets\n    - user    # User information\n  state.period: 12h\n  user.detect_password_changes: true\n  login.wtmp_file_pattern: \/var\/log\/wtmp*\n  login.btmp_file_pattern: \/var\/log\/btmp*\n...<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Configure Auditbeat Output<\/h4>\n\n\n\n<p>In this guide, we are going to use Logstash data processing engine as the output for Audibeat collected events.<\/p>\n\n\n\n<p>Hence, open the configuration file and under the Outputs section, define your output. Comment Elasticsearch output and enable Logstash. Ensure that there is a connection to Logstash.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/etc\/auditbeat\/auditbeat.yml<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>...\n#================================ Outputs =====================================\n\n# Configure what output to use when sending the data collected by the beat.\n\n#-------------------------- Elasticsearch output ------------------------------\n#output.elasticsearch:\n  # Array of hosts to connect to.\n  #hosts: [\"localhost:9200\"]\n\n  # Optional protocol and basic auth credentials.\n  #protocol: \"https\"\n  #username: \"elastic\"\n  #password: \"changeme\"\n\n#----------------------------- Logstash output --------------------------------\noutput.logstash:\n  # The Logstash hosts\n  hosts: [\"192.168.0.106:5044\"]\n...<\/code><\/pre>\n\n\n\n<p>Configure Logstash beats input for receiving event data from Elastic beats. <\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>input {\n  beats {\n    port => 5044\n  }\n}\n<\/code><\/pre>\n\n\n\n<p>You can also define the Auditbeat index on Logstash Elasticsearch output configuration. The default is audibeat. You can however use <strong>%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM }&#8221;<\/strong> to autodetect the Beat used.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Logstash Elasticsearch Output\noutput {\n  elasticsearch {\n    hosts => [\"http:\/\/192.168.0.106:9200\"]\n    index => \"%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}\" \n  }\n}<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Load Elasticsearch Index Template<\/h4>\n\n\n\n<p>If you are using Logstash or any other processing engines instead of using Elasticsearch as output, you need to load the index template manually into Elasticsearch.<\/p>\n\n\n\n<p>This requires a direct connection to Elasticsearch. The command below is used to load the index template manually to Elasticsearch (It temporarily disables Logstash Output).<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>auditbeat setup --index-management -E output.logstash.enabled=false -E 'output.elasticsearch.hosts=[\"192.168.0.106:9200\"]'<\/code><\/pre>\n\n\n\n<p>If, however, there is no direct connection to Elasticsearch, you can generate the template and install on Elasticsearch server.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>auditbeat export template &gt; auditbeat.template.json<\/code><\/pre>\n\n\n\n<p>Next, copy the Auditbeat Index template, <strong>auditbeat.template.json<\/strong>, to Elasticsearch and install it as follows.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>curl -XPUT -H 'Content-Type: application\/json' http:\/\/192.168.0.106:9200\/_template\/auditbeat-7.2.0 -d@auditbeat.template.json<\/code><\/pre>\n\n\n\n<p>Verify that Auditbeat index template has been loaded to Elasticsearch.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>curl -XGET 192.168.0.106:9200\/_cat\/indices?v\nhealth status index                             uuid                   pri rep docs.count docs.deleted store.size pri.store.size\ngreen  open   .kibana_task_manager              xQztoO5CRoygONVw6ujEVg   1   0          2            9     25.4kb         25.4kb\nyellow open   auditbeat-7.2.0-2019.07.04-000001 7jNXrH_pTlaSyMF99ITgPw   1   1          0            0       230b           230b<\/code><\/pre>\n\n\n\n<h4 class=\"wp-block-heading\">Running Auditbeat<\/h4>\n\n\n\n<p>To run Auditbeat in the foreground,<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>auditbeat -e<\/code><\/pre>\n\n\n\n<p>To run Auditbeat as service;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl start auditbeat<\/code><\/pre>\n\n\n\n<p>Enable it to run on system boot.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl enable auditbeat<\/code><\/pre>\n\n\n\n<p>Once Auditbeat is running, you can perform some events like login, change some files, add users.<\/p>\n\n\n\n<p>Next, login to Elasticsearch verify if Auditbeat index has any data.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>curl -XGET 192.168.0.106:9200\/auditbeat-*\/_search?pretty<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>...\n          \"user\" : {\n            \"audit\" : {\n              \"name\" : \"jay\",\n              \"id\" : \"1002\"\n            },\n            \"name\" : \"root\",\n            \"id\" : \"0\"\n          },\n          \"service\" : {\n            \"type\" : \"auditd\"\n          },\n          \"agent\" : {\n            \"type\" : \"auditbeat\",\n            \"ephemeral_id\" : \"72fd62cf-50fd-4c3a-89d1-65ee17565ca4\",\n            \"hostname\" : \"ubuntu18\",\n            \"id\" : \"ab7dab68-7709-4161-933b-670d253e52b8\",\n            \"version\" : \"7.2.0\"\n          },\n          \"event\" : {\n            \"module\" : \"auditd\",\n            \"category\" : \"user-login\",\n            \"action\" : \"disposed-credentials\",\n            \"outcome\" : \"success\"\n          },\n          \"tags\" : [\n            \"beats_input_raw_event\",\n            \"_grokparsefailure\"\n          ]\n        }\n      },\n      {\n        \"_index\" : \"auditbeat-7.2.0-2019.07.04\",\n        \"_type\" : \"_doc\",\n        \"_id\" : \"kesivWsB-ERNbH9db86a\",\n        \"_score\" : 1.0,\n        \"_source\" : {\n          \"socket\" : {\n            \"entity_id\" : \"yVPVX7j2LLIaTWEE\"\n          },\n          \"ecs\" : {\n            \"version\" : \"1.0.0\"\n          },\n          \"process\" : {\n            \"name\" : \"sshd\",\n            \"pid\" : 2092\n          },\n          \"message\" : \"Listening socket (:::22) OPEN by process sshd (PID: 2092) and user root (UID: 0)\",\n          \"network\" : {\n            \"transport\" : \"tcp\",\n            \"type\" : \"ipv6\",\n            \"direction\" : \"listening\"\n          },\n...<\/code><\/pre>\n\n\n\n<p>If all is well, go ahead and create Kibana Auditbeat index.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\">Create Kibana Auditbeat Index<\/h4>\n\n\n\n<p>Login to Kibana and click on the settings  (gear icon) on the left pane &gt; Kibana &gt; Index Patterns &gt; Create Index Pattern.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Add-Kibana-Index.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1337\" height=\"636\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Add-Kibana-Index.png\" alt=\" install and configure Elastic Auditbeat on Ubuntu 18.04 Kibana Index pattern\" class=\"wp-image-3524\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Add-Kibana-Index.png 1337w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Add-Kibana-Index-768x365.png 768w\" sizes=\"(max-width: 1337px) 100vw, 1337px\" \/><\/a><\/figure>\n\n\n\n<p>Select Auditbeat Index and click Next.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Select-Kibana-Index.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1283\" height=\"508\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Select-Kibana-Index.png\" alt=\"select auditbeat index pattern\" class=\"wp-image-3525\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Select-Kibana-Index.png 1283w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Select-Kibana-Index-768x304.png 768w\" sizes=\"(max-width: 1283px) 100vw, 1283px\" \/><\/a><\/figure>\n\n\n\n<p>Select the Time Filter field name from the dropdown and click Create Index Pattern. After that, you should be able to see the index pattern data fields.<\/p>\n\n\n\n<p>Click on Discover and select <strong>auditbeat-*<\/strong> index pattern to see the Auditbeat data.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/auditbeat-kibana-index-data.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1339\" height=\"628\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/auditbeat-kibana-index-data.png\" alt=\"Kibana auditbeat index pattern data\" class=\"wp-image-3526\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/auditbeat-kibana-index-data.png 1339w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/auditbeat-kibana-index-data-768x360.png 768w\" sizes=\"(max-width: 1339px) 100vw, 1339px\" \/><\/a><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Setup Kibana Dashboards<\/h4>\n\n\n\n<p>Auditbeat comes pre-packaged with sample Kibana dashboards, visualizations, and searches for visualizing Auditbeat data.<\/p>\n\n\n\n<p>Since we have configured Logstash output in this demo, you need to temporarily disable the Logstash output and enable Elasticsearch to load the dashboards. Note that Kibana should be listening on a non-loopback interface.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>auditbeat setup -e -E output.logstash.enabled=false -E output.elasticsearch.hosts=['192.168.0.106:9200'] -E setup.kibana.host=192.168.0.106:5601<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-code\"><code>...\n2019-07-04T15:58:37.731+0300\tINFO\tinstance\/beat.go:776\tKibana dashboards successfully loaded.\nLoaded dashboards<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Viewing Kibana Auditbeat Dashboards<\/h3>\n\n\n\n<p>Now that the configuration is done and sample Kibana Auditbeat dashboards have been loaded to Kibana, you can now login to Kibana UI and view your Auditbeat data.<\/p>\n\n\n\n<p>Once you login to Kibana, click Dashboard from the left panel and select one of the Dashboards from the available samples. For example, the default Logins dashboard.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbeat-logins-dashboard.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1338\" height=\"649\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbeat-logins-dashboard.png\" alt=\"install and configure Elastic Auditbeat on Ubuntu 18.04: kibana auditbeat logins dashboard\" class=\"wp-image-3527\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbeat-logins-dashboard.png 1338w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbeat-logins-dashboard-768x373.png 768w\" sizes=\"(max-width: 1338px) 100vw, 1338px\" \/><\/a><\/figure>\n\n\n\n<p>Click on System overview tab to see various system statistics.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbit-system-overview-dashboard.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1340\" height=\"648\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbit-system-overview-dashboard.png\" alt=\"Kibana Auditbeat system overview\" class=\"wp-image-3529\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbit-system-overview-dashboard.png 1340w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/kibana-auditbit-system-overview-dashboard-768x371.png 768w\" sizes=\"(max-width: 1340px) 100vw, 1340px\" \/><\/a><\/figure>\n\n\n\n<p>To see User statistics, click on Users tab.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Kibana-auditbeat-user-statistics.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1345\" height=\"651\" src=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Kibana-auditbeat-user-statistics.png\" alt=\"Kibana auditbeat user statistics\" class=\"wp-image-3528\" title=\"\" srcset=\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Kibana-auditbeat-user-statistics.png 1345w, https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/07\/Kibana-auditbeat-user-statistics-768x372.png 768w\" sizes=\"(max-width: 1345px) 100vw, 1345px\" \/><\/a><\/figure>\n\n\n\n<p>Beautiful, right? Now you can explore other dashboards. You can also create your own dashboards.<\/p>\n\n\n\n<p>That is all on how to install and configure Elastic Auditbeat on Ubuntu 18.04. Enjoy.<\/p>\n\n\n\n<p>Reference:<\/p>\n\n\n\n<p><a href=\"https:\/\/www.elastic.co\/guide\/en\/beats\/auditbeat\/current\/auditbeat-getting-started.html\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Getting Started with Auditbeat (opens in a new tab)\">Getting Started with Auditbeat<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Related Tutorials;<\/h3>\n\n\n\n<p><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/install-filebeat-on-fedora-30-fedora-29-centos-7\/\" target=\"_blank\">Install Filebeat on Fedora 30\/Fedora 29\/CentOS 7<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/install-logstash-7-on-fedora-30-fedora-29-centos-7\/\" target=\"_blank\">Install Logstash 7 on Fedora 30\/Fedora 29\/CentOS 7<\/a><\/p>\n\n\n\n<p><a rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\" href=\"https:\/\/kifarunix.com\/install-elastic-stack-7-on-fedora-30-fedora-29-centos-7\/\" target=\"_blank\">Install Elastic Stack 7 on Fedora 30\/Fedora 29\/CentOS 7<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/kifarunix.com\/install-elasticsearch-7-x-on-ubuntu-18-04-debian-9-8\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\" (opens in a new tab)\">Install Elasticsearch 7.x on Ubuntu 18.04\/Debian 9.8<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In this guide, we are going to learn how to install and configure Elastic Auditbeat on Ubuntu 18.04. Auditbeat is a lightweight data shipper that<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[910,121,72],"tags":[1023,912,913,67],"class_list":["post-3517","post","type-post","status-publish","format-standard","hentry","category-elastic-stack","category-howtos","category-monitoring","tag-auditbeat","tag-elastic-stack","tag-elk","tag-ubuntu-18-04","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/3517"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=3517"}],"version-history":[{"count":8,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/3517\/revisions"}],"predecessor-version":[{"id":3531,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/3517\/revisions\/3531"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=3517"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=3517"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=3517"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}