How To Ship Linux Intrusion Detection Logs To Security Onion Using The Wazuh Agent
Рет қаралды 8,102
Күн бұрын
@DenisGWahome 8 ай бұрын
What I am looking at is Shipping Logs in SysLog format from Wazuh Server to Security Onion and Corelate, otherwise configuring hundreds of agents in this way may not be practical for larger deployments.
@kunalhiremath7782 Жыл бұрын
At 7:43 on the alerts page under event.module why are we not seeing wazuh as the module name why we are seeing OSSEC.
@ryuzakifreak14 11 ай бұрын
Does anyone know if adding Wazuh is possible on Security Onion 2.4?
@ozzykampha2776 Жыл бұрын
Can you do a test of Security onion 2.4?
@rahulmishra0802 2 жыл бұрын
Sir , I'm still unable to take logs of ubuntu on security onion. Please help
@bilaichacha8388 2 жыл бұрын
Did you manage?
@mohammednasser2669 2 жыл бұрын
@@bilaichacha8388 my webserver is from amazon and it has public IP address. However, my security onion is local and doesn't have IP address. How can I connect webserver to SecurityOnion?
@Zyzienzergling Жыл бұрын
@@mohammednasser2669you will likely have to tunnel into your local network or port forward those two wazuh ports on your router to target your security onion. You mentioned your security onion doesn't have an IP but that doesn't really make sense to me. So forward to the IP of the onion, which is your public IP or local IP for tunnel.
@ripits_62 Жыл бұрын
I love you
I.T Security Labs
Рет қаралды 1,8 М.
Lawrence Systems
Рет қаралды 29 М.
Attack Detect Defend (rot169)
Рет қаралды 12 М.
Matt Brown
Рет қаралды 1,4 МЛН
nechetoff
Рет қаралды 5 МЛН