There has been some confusion about how exactly to add a dedicated logger appliance to an AlienVault distributed deployment, that is, a setup where server roles (SIEM server, database, loggers, sensors, etc.) are hosted on separate servers. It's not very well documented, so here goes (with many thanks to AlienVault Support for providing the information): The configuration … Continue reading AlienVault: Adding a logger to a distributed deployment
AlienVault: Monitoring individual sensor Events Per Second [EPS]
In a distributed AlienVault environment, it is important to be able to monitor each individual sensor's output. In our case, the requirements were to: monitor each sensor's generated events over a configurable interval; and, if the number of events generated by a sensor goes below a configured threshold, notify the user via email. There are several … Continue reading AlienVault: Monitoring individual sensor Events Per Second [EPS]