What I am looking at is shipping logs in syslog format from Wazuh Server to Security Onion and correlate, otherwise configuring hundreds of agents in this way may not be practical for larger deployments.
@ryuzakifreak14 9 months ago
Does anyone know if adding Wazuh is possible on Security Onion 2.4?
@ozzykampha2776 1 year ago
Can you do a test of Security Onion 2.4?
@rahulmishra0802 2 years ago
Sir, I'm still unable to take logs of Ubuntu on Security Onion. Please help.
@bilaichacha8388 1 year ago
Did you manage?
@mohammednasser2669 1 year ago
@bilaichacha8388 My webserver is from Amazon and it has a public IP address. However, my Security Onion is local and doesn't have an IP address. How can I connect the webserver to Security Onion?
@Zyzienzergling 1 year ago
@mohammednasser2669 You will likely have to tunnel into your local network or port forward those two Wazuh ports on your router to target your Security Onion. You mentioned your Security Onion doesn't have an IP, but that doesn't really make sense to me. So forward to the IP of the Onion, which is your public IP, or local IP for a tunnel.
@kunalhiremath7782 1 year ago
At 7:43, on the alerts page under event.module, why are we not seeing wazuh as the module name? Why are we seeing OSSEC?