Elastic 25 June 2021 Detection Rule Development: Disable Windows Event and Security Logs How I took an issue created by another GitHub user and added value to the original query and helped mold it into a new detection
Elastic 22 June 2021 Elastic Detection Rule Development: Suspicious Exchange Mailbox Right Delegation You first begin by looking up API or PowerShell cmdlets that will help assign permissions to a specific mailbox. So for this rule of detecting
Elastic 17 June 2021 How to Install & Register Wazuh Agent on Windows and Linux (Debian-Based) DEBIAN Install Wazuh Agent curl -so wazuh-agent.deb https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_4.1.5-1_amd64.deb &&
Docker 21 April 2021 Install and Configure Elasticsearch, Logstash, Kibana on Docker This tutorial shows how to install the ELK stack on Docker containers. Install Docker on Debian-Based Distributions apt update apt install apt-transport-https ca-certificates curl software-properties-common -y echo 'deb
Elastic 17 April 2021 Install and Configure Nginx for Elasticsearch, Logstash, Kibana This tutorial will go over how to install and configure Nginx for ELK stack. Install Nginx Adding HTTPS support. sudo apt-get install -y nginx apache2-utils Configure
Wazuh 28 March 2021 Install and Configure Wazuh Agent: Windows Step 1 - Deploy a Windows Wazuh Agent Copy and Paste the Enrollment Command Step 2 - Open Windows Terminal Open a PowerShell Tab Step 3 - Paste
Elastic 26 March 2021 Elastic Security: Bulk Detection Rule Modification via Detection API - JIRA Connector Thanks to James Spiteri at Elastic. Requirements Depending on the taste of your Linux JQ jq 1.5 is in the official Debian and Ubuntu repositories. Install
Ubuntu 21 March 2021 How to Install ELK on Ubuntu 20.04 Elasticsearch, Logstash, Kibana (ELK) allows for managing large amounts of log data on Ubuntu 20.04 Focal Fossa. The ELK stack combines Elasticsearch, Logstash, and
Elastic 20 March 2021 Elasticsearch: Shard List Elasticsearch’s cat API is something that you will be using a lot when learning about Elasticsearch and gaining hands-on experience with it. It allows
azure 5 February 2021 Elasticsearch Snapshots with Azure Part 4: Create Elastic Snapshot Policy Elasticsearch Snapshot Policy schedule: What frequency and time to snapshot our data. You can make this as frequent as you require, without worrying too much about
azure 5 February 2021 Elasticsearch Snapshots with Azure Part 3: Create Elastic Snapshot Repository Step 1 - Click on Menu Step 2 - Stack Management Step 3 - Snapshot and Restore Step 4 - Repositories Step 5 - Register
azure 5 February 2021 Elasticsearch Snapshots with Azure Part 2: Adding Azure Secrets to Elastic Cloud This assumes that the elastic instance is created in Azure. Step 1 - Elastic Cloud Dashboard Click on the deployment that you made Step 2 -
azure 5 February 2021 Elasticsearch Snapshots with Azure Part 1: Setting Up Azure Blob An elastic snapshot is a backup copy of a running Elasticsearch cluster. This snapshot can be of an entire cluster or specific indices and data
Elastic 4 November 2019 Wazuh: No ElasticSearch Template Failed to connect to localhost port 9200 austin@wazuh2:~$ sudo curl https://raw.githubusercontent.com/wazuh/wazuh/v3.10.2/extensions/elasticsearch/7.x/wazuh-template.