Usage of proper SIEM Use Cases is critical in setting up the security operations center (SOC) operations. A use case can consist of multiple technical…
ELK Stack processes events from a device via SNMP traps sent by the device. Configuring SNMP Server to send Threat based SNMP traps from McAfee…
SPLUNK useful commands and Search List of commands for the installation of SPLUNK and Searching indexes sudo groupadd splunk grep splunk /etc/group sudo useradd -g…
Logstash is a useful tool for processing log files that accepts data from multiple sources and different formats. Logstash easily processes text-based logs and sends…
Splunk Enterprise stores all of the data it processes in indexes. An index is a collection of databases, which are subdirectories located in $SPLUNK_HOME/var/lib/splunk. Indexes consist…
ELK is the acronym for three open source projects: Elasticsearch, Logstash, and Kibana. Elasticsearch is a search and analytics engine and a NoSQL database that…