Are you looking to supercharge your data collection and analysis process?
Check out my new article on how Sumo Logic Script Actions can help transform and enrich your logs.


loggar.hashnode.dev/supercharg

By the end of this article, you will have the knowledge and skills needed to make updates to your Sumo Logic collectors programmatically.

I hope that helps! 😊

loggar.hashnode.dev/updating-a

My talk at the last SANS DFIR Summit 2022 was a great personal challenge and a very pleasant experience that I hope can be useful to the cyber community 😊

youtu.be/Epe3hWqiqnE

auditctl controls the status and some basic system parameters of the audit daemon. To define a file system rule, use the following syntax:
auditctl -w path_to_file -p permissions -k key_name
In our case it will be:
auditctl -w /usr/bin/python2.7 -p rwa -k python
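As an added example (not part of the original post), the shell functions below compose the same kind of watch rule while validating the -p flags, and pull the key field out of a constructed audit record of the kind ausearch -k python would return. The sample record and the helper names are assumptions for illustration.

```shell
#!/bin/sh
# Added example: build an auditctl file-watch rule and read the key back
# from an audit record. Works in POSIX sh; auditctl itself is not invoked.

# Validate the -p permission string: any non-empty combination of r, w, x, a.
valid_perms() {
  case "$1" in
    "")        return 1 ;;
    *[!rwxa]*) return 1 ;;
    *)         return 0 ;;
  esac
}

# Print the auditctl command for a watch rule; fails on a bad permission string.
audit_watch_rule() {
  path=$1; perms=$2; key=$3
  valid_perms "$perms" || { echo "invalid permissions: $perms" >&2; return 1; }
  printf 'auditctl -w %s -p %s -k %s\n' "$path" "$perms" "$key"
}

# Constructed SYSCALL record, shaped like what ausearch -k python returns
# after the rule above fires (values are made up, not real output).
SAMPLE_RECORD='type=SYSCALL msg=audit(1650000000.123:456): arch=c000003e syscall=2 success=yes exit=3 ppid=1234 pid=1235 uid=1000 comm="bash" exe="/usr/bin/bash" key="python"'

# Extract the value of the key="..." field so a record can be matched
# back to the rule that produced it.
record_key() {
  printf '%s\n' "$1" | sed -n 's/.*key="\([^"]*\)".*/\1/p'
}

# Usage: print the rule for the python2.7 watch and the key of the sample record.
audit_watch_rule /usr/bin/python2.7 rwa python
record_key "$SAMPLE_RECORD"
```

After loading the rule with the printed command, auditctl -l lists it and ausearch -k python shows matching records; the key field is what ties each record back to the rule.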

Based on my last Summit talk, I'm upgrading an IR Notebook which demonstrates a simple way to analyze and enrich using , Threat Intel , Google Sheets, and Google DataStudio dashboard.

Pairing with a custom integration script to send requests to an IPv6 geolocation service and enrich login attempts. With Wazuh you can develop whatever integration script in order to interact with almost any API service 😉

redNiboe

Fediverse community for producers and curators of knowledge. Languages: Spanish, Portuguese, other languages of Nuestra América.