Posts published in “SIEM”

Forwarding Windows Event Logs to Syslog Server (Kiwi Syslog)

Centralizing your logs saves time and increases the reliability of your log data, especially for Windows machines. When Windows log files are stored locally on each server, you have to individually log into each one to go through them and look for any errors or warnings. It’s possible for a Windows server to forward its events to a “subscribing” server.…

Gartner Magic Quadrant for SIEM Products (2018,2017,2016,2015,2014,2013,2012,2011…)

Gartner defines SIEM as a technology that aggregates data produced by security devices, network infrastructure and systems, and applications. Products in the security information and event management (SIEM) market analyze security event data and network flow data in real time for internal and external threat management. They collect, store, analyze and report on log data for incident response, forensics and…

ArcSight SIEM Logger Web, Search Examples, Use Case Reports

ArcSight Logger is one of the products in the Micro Focus SIEM platform. It streams real-time data, categorizes it into specific logs, and integrates easily with Security Operations. As a result, organizations of any size can use this high-performance log data repository to speed up forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…

ArcSight SIEM Logger Web GUI and Search Tips and Tricks

ArcSight Logger is one of the products in the Micro Focus SIEM platform. It streams real-time data, categorizes it into specific logs, and integrates easily with Security Operations. As a result, organizations of any size can use this high-performance log data repository to speed up forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…

Install Latest Splunk 7.2.0 on Ubuntu 18.04 LTS at Google Cloud Platform

Installing Splunk 7.2.0 on Ubuntu is very easy. My previous post included a video showing how to install Splunk on a Windows server. This time, I present the installation of Splunk 7.2.0 on Ubuntu 18.04, with Ubuntu running on Google Cloud Platform. 1. Create a new Ubuntu 18.04 LTS VM from GCP -> Computer…

ArcSight SIEM Logger

ArcSight Logger is one of the products in the Micro Focus SIEM platform. It streams real-time data, categorizes it into specific logs, and integrates easily with Security Operations. As a result, organizations of any size can use this high-performance log data repository to speed up forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously…

Configure Netflow on network devices for PRTG Netflow Monitoring

Netflow is a feature first introduced in Cisco routers and switches, and the flow concept has since been widely adopted by other network product vendors. Network devices that support an xFlow feature collect IP traffic statistics on the interfaces where xFlow is enabled and export those statistics as xFlow records to a configured remote xFlow collector. PRTG can use this…

Using PRTG SNMPv3 Monitoring for Juniper SRX 240H Alarm and Temperature

One of our SRX240H devices is having a temperature problem. Whenever the temperature reaches 50 degrees Celsius, the system alarm turns on. An alarm email should be sent out when the temperature reaches the 50-degree threshold. Based on this discussion, the SRX itself does not seem able to send alarm emails. NSM or other SNMP tools may help in this situation. PRTG is used to monitor…