There has been some confusion about how exactly to add a dedicated logger appliance to an AlienVault distributed deployment, that is, a setup where server roles (SIEM server, database, loggers, sensors, etc) are hosted on separate servers. It's not very well documented so here goes (with many thanks to AlienVault Support for providing the information): The configuration … Continue reading AlienVault: Adding a logger to a distributed deployment
Building a Logging Forensics Platform using ELK (Elasticsearch, Logstash, Kibana)
During a recent project we were required to build a "Logging Forensics Platform", which is in essence a logging platform that can consume data from a variety of sources such as windows event logs, syslog, flat files and databases. The platform would then be used for queries during forensic investigations and to help follow up … Continue reading Building a Logging Forensics Platform using ELK (Elasticsearch, Logstash, Kibana)
David Vassallo's Blog 
You must be logged in to post a comment.