SIEM


Topic Replies Activity
Autonomous System Number (ASN) not displaying 5 November 29, 2019
Viewing Pinned Timeline Events 3 November 22, 2019
Bulk ingest of netflow and zeek logs into Elastic SIEM 3 November 21, 2019
New SIEM infrastructure with Elasticsearch 5 November 19, 2019
Problem with SIEM 9 November 19, 2019
For example, I have machine A running as a Server and I would like to manage other clients such as machine B, C, D,...etc So, how to do that? How to get many hosts? 22 November 19, 2019
How to change query in SIEM 4 November 18, 2019
SIEM not detecting ASA success failure logins 7 November 16, 2019
Active Directory logs and mapping to ECS (I am stumped) 8 November 11, 2019
SIEM Command Line Auditing 4688 - 4689 12 November 11, 2019
How to get more hosts in SIEM (Auditbeat) 3 October 30, 2019
Defenxor DSIEM for Event Correlation with Logstash 2 October 28, 2019
SIEM Infrastructure design 3 October 28, 2019
Filter Uncommon Host Processes 4 October 25, 2019
Hash used in Elastic? 4 October 25, 2019
SIEM ECS descriptions taking huge amount of unnecessary space in SIEM 3 October 25, 2019
How many swap files are created when you update a text file 10 October 24, 2019
Add additional data source to SIEM dashboard 5 October 16, 2019
Hosts tab in SIEM and WEF 18 October 14, 2019
SonicWall Firewall and SIEM or SNMP 3 October 13, 2019
Envoyproxy 4 October 5, 2019
Fielddata error preventing Authentications tab populating 5 October 2, 2019
PoC - Use ELK to aggregate multiple LogInsight Systems into one SOC 4 October 1, 2019
Siem on logstash and filebeat 3 September 27, 2019
Event Correlation on ELK 4 September 23, 2019
GraphQL internal error 3 September 16, 2019
Difference between source/destination and server/client 3 September 13, 2019
I'm not seeing any geoip data from my zeek logs in my SIEM map 4 September 9, 2019
Filebeat for Sophos XG Firewall 10 September 4, 2019
Why don't sudo events from auth.log have an event.category/event.action? 3 September 4, 2019