SIEM


Topic Replies Activity
About the SIEM category 1 May 20, 2019
SIEM not detecting ASA success failure logins 6 October 19, 2019
How to change query in SIEM 2 October 18, 2019
Active Directory logs and mapping to ECS (I am stumped) 7 October 14, 2019
SIEM Command Line Auditing 4688 - 4689 11 October 14, 2019
For example, I have machine A running as a Server and I would like to manage other clients such as machine B, C, D,...etc So, how to do that? How to get many hosts? 20 October 9, 2019
How to get more hosts in SIEM (Auditbeat) 2 October 2, 2019
Defenxor DSIEM for Event Correlation with Logstash 1 September 30, 2019
SIEM Infrastructure design 2 September 30, 2019
Filter Uncommon Host Processes 3 September 27, 2019
Hash used in Elastic? 3 September 27, 2019
SIEM ECS descriptions taking huge amount of unnecessary space in SIEM 2 September 27, 2019
How many swap files are created when you update a text file 9 September 26, 2019
Add additional data source to SIEM dashboard 5 October 16, 2019
Hosts tab in SIEM and WEF 18 October 14, 2019
SonicWall Firewall and SIEM or SNMP 3 October 13, 2019
Envoyproxy 4 October 5, 2019
Fielddata error preventing Authentications tab populating 5 October 2, 2019
PoC - Use ELK to aggregate multiple LogInsight Systems into one SOC 4 October 1, 2019
Siem on logstash and filebeat 3 September 27, 2019
Event Correlation on ELK 4 September 23, 2019
GraphQL internal error 3 September 16, 2019
Difference between source/destination and server/client 3 September 13, 2019
I'm not seeing any geoip data from my zeek logs in my SIEM map 4 September 9, 2019
Filebeat for Sophos XG Firewall 10 September 4, 2019
Why don't sudo events from auth.log have an event.category/event.action? 3 September 4, 2019
SIEM Hosts/All Hosts Tables Empty 13 September 2, 2019
Watcher alert, ssh auth 3 August 28, 2019
Empty DNS Fields and Tables in Network View 3 August 27, 2019
Having SIEM read windows events from non-default index pattern 4 August 26, 2019