Sentinel Lab Notes (Install MMA, Onboarding Log Sources, Automation Rule, etc)
Netsec
10/03/2024
0 Comments
This post is to record some key points to set up a Sentinel Lab
Read More
Showing posts with label SIEM. Show all posts
Showing posts with label SIEM. Show all posts
Thursday, October 3, 2024
Saturday, July 6, 2024
How to Surpress Microsoft Sentinel Log Ingestion
Netsec
7/06/2024
0 Comments
You may want to filter your logs collected, or even log content, before the data is ingested into Microsoft Sentinel. For example, you may w...
Read More
Monday, May 13, 2024
Cisco DUO Connector Issue in Microsoft Sentinel
Netsec
5/13/2024
0 Comments
It is not that easy to deploy built-in Sentinel Connector to your Sentinel environment.Â
Read More
Wednesday, April 10, 2024
Azure Sentinel Log Query Scripts Collection (Kusto Query Language)
Netsec
4/10/2024
0 Comments
Kusto Query Language is the language you will use to work with and manipulate data in Microsoft Sentinel. The logs you feed into your worksp...
Read More
Azure Sentinel Onboarding Different Log Sources
Netsec
4/10/2024
0 Comments
After you onboard Microsoft Sentinel into your workspace, use data connectors to start ingesting your data into Microsoft Sentinel. Microsof...
Read More
Monday, March 18, 2024
Basic Knowledges about Azure Sentinel (Price, Log, Connectors, T.I., Analytics Rules, KQL)
Netsec
3/18/2024
0 Comments
This post is to summarzie the basic knowledge you can start to use Azure Sentinel as fast as possible.Â
Read More
Monday, October 9, 2023
Azure Sentinel 101
Netsec
10/09/2023
0 Comments
 Microsoft Sentinel is a scalable, cloud-native solution that provides: Security information and event management (SIEM) Security orchestra...
Read More
Wednesday, November 25, 2020
AlienVault Installation and Configuration
Netsec
11/25/2020
0 Comments
 AlienVault® OSSIM™, Open Source Security Information and Event Management (SIEM), is an open source SIEM solution to collect, normalize and...
Read More
Sunday, November 15, 2020
Gartner Magic Quadrant for SIEM Products (2021,2020,2018,2017,2016,2015,...)
ITProSec
11/15/2020
1 Comments
Gartner defines SIEM as a technology that aggregates data produced by security devices, network infrastructure and systems, and application...
Read More
Friday, July 10, 2020
LogRhythm Remote Windows Log Collection Integration with Symantec SEPM MS SQL DB
Netsec
7/10/2020
0 Comments
This post describes how to configure LogRhythm Agnet to collect the Symantec SEPM logs through MS SQL DB. Symantec Endpoint Protection is ...
Read More
Thursday, March 12, 2020
Cloud SIEM - LogRhythm Configuration Notes
Netsec
3/12/2020
1 Comments
Working on LogRhythm, and here are some words from there website about their product: "The LogRhythm NextGen SIEM Platform combines ...
Read More
Friday, February 7, 2020
Forward System and App logs to Papertrail - Cloud Log Management
Netsec
2/07/2020
0 Comments
Papertrail is part of SolarWinds Cloudâ„¢, the next evolution of our Software-as-a-Service (SaaS) portfolio for monitoring cloud-native appl...
Read More
Sunday, November 24, 2019
SIEM System Use Cases
Netsec
11/24/2019
0 Comments
Working on LogRhythm - Cloud SIEM project. LogRhythm's SIEM solution combines enterprise log management, security analytics, user entity...
Read More
Sunday, November 17, 2019
The Rocket-fast Syslog Server - Rsyslog Client and Server Configuration
Netsec
11/17/2019
0 Comments
Rsyslog is an Open Source logging program, which is the most popular logging mechanism in a huge number of Linux distributions. It's als...
Read More
Tuesday, October 22, 2019
Easily Deploy ELK Stack into CentOS 7
Netsec
10/22/2019
0 Comments
The Elastic Stack — formerly known as the ELK Stack — is a collection of open-source software produced by Elastic which allows you to sear...
Read More
Saturday, April 27, 2019
Using NXLog to Collect Windows Event Logs
Netsec
4/27/2019
5 Comments
There are a lot of syslog collectors for Windows, but when it comes to stability and features, NXlog has the best chances to fulfill all the...
Read More
Tuesday, February 19, 2019
Forwarding Windows Event Logs to Syslog Server (Kiwi Syslog)
Netsec
2/19/2019
0 Comments
Centralizing your logs saves time and increases the reliability of your log data, especially for Windows machines. When Windows log files a...
Read More
Tuesday, December 18, 2018
ArcSight SIEM Logger Web, Search Examples, Use Case Reports
Netsec
12/18/2018
0 Comments
ArcSight Logger is one of products from Micro Focus SIEM platform. It streams real-time data and categorizes them into specific logs and ea...
Read More
Saturday, October 20, 2018
Install Latest Splunk 7.2.0 into Ubuntu and CentOS
ITProSec
10/20/2018
0 Comments
Installing Splunk 7.2.0 into Ubuntu is super easy. I had a video to introduce how to install Splunk in a windows server in my previous post....
Read More
Tuesday, October 9, 2018
Splunk Tips and Tricks
Netsec
10/09/2018
7 Comments
Splunk Installation: On Google Cloud Windows 2016 VM On Prem Linux CentOS 7:
Read More
![[5 Mins Docker] Deploy FreshRSS Using Docker Run Command and Deploy To Fly.io](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vsOLEIBUSrZHTLxpmQlz-ZG1wIyx-zwfmuyUf9nmdcBiXdYF_vFK9MmMrG-BtPwFFqj5evr9e2dVHnWr84DEtcUDxfO2xAUwpWEoHvm32Nag)
