
Wazuh Install - Worlds Best OpenSource EDR! 

Taylor Walton
Views: 28K

Join me as we continue on to Phase 3 of the World's Best SIEM Stack Series, installing the Wazuh Manager.
Blog Post: / part-3-wazuh-manager-i...
Contact Me: taylor.walton@socfortress.co
LinkedIn: / socfortressmdr
Twitter: / socfortress
Our Blog: / socfortress
Graylog Install: • Graylog Install - Best...
Buy Me A Coffee: bit.ly/3woh21M
Security Operations Center as a Service: www.socfortress.co/
Free For Life Tier: www.socfortress.co/trial.html
Professional Services: www.socfortress.co/ps.html
Discord Channel: / discord
Series Playlist: • World's Best SIEM Stack

Published: 13 Oct 2022

Comments: 35
@user-nn3uj8qo4e 1 year ago
Thanks for the great mood
@DavidWilliams-ug6un 1 year ago
That was just great 👍
@vinayvinni9757 1 year ago
Fan of your work from India 😃
@SiberKost 1 year ago
You are very genius and cool, buddy
@DM-gp6pd 1 year ago
Super informative and practical series. But can you please uncover one topic about an efficient way of transferring Sysmon for Linux events from endpoints to backend systems? Because they are stored in XML format and it's not so obvious which forwarders and options should be used.
@taylorwalton_socfortress 1 year ago
Check out the decoder video :) Decoding Linux For Sysmon - Learn How To Ingest Sysmon For Linux Alerts into Wazuh ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-y5K1pctFoaw.html
@alejandroparrello6493 1 year ago
You're the boss!! 👏☝️😉 Regards from Argentina 👋😁
@ArmAikido 9 months ago
One question. Finally, is this entire series about EDR or SIEM?
@tracerv0 1 year ago
Good audio.
@photondoh5384 1 year ago
I wish Wazuh had an ISO 27001 compliance dashboard.
@jarmandog8372 1 year ago
That'd be amazing, maybe a custom dashboard? That's a great idea
@jig270 1 year ago
It has, I think, NIST; you can compare NIST and ISO 27001 from their site and use it.
@hydradragonantivirus 2 months ago
How to compile it?
@krosstty 3 months ago
Hi, thanks a lot for your great content. Is it possible to help me with the following issue: [Alerts index pattern] No template found for the selected index-pattern title [wazuh-alerts-*]
@nopromises884 1 year ago
I deployed Wazuh Manager and Graylog successfully. I can see data in Grafana, but I can't see Wazuh dashboard security events and other alerts from Wazuh. Is there any way to see both dashboards, Wazuh and Grafana?
@lupeadorin4282 3 months ago
Did you find any way to resolve this issue?
@MrSuhailmt 1 year ago
Great content. Helped me a lot. Which tool are you using for SSH? It looks cool.
@user-yu4im1mi4o 1 year ago
In case someone has the issue with the error "Elasticsearch exception [type=illegal_argument_exception, reason=key [types] is not supported in the metadata section]." when trying to see received messages (16:27), you need to remove this from the OpenSearch config file: compatibility.override_main_response_version: true (or just comment it out) and restart wazuh-dashboard and graylog-server
@joelnicholasfrancis2700 1 year ago
It gives me the same error
@mcastill3 1 year ago
Same error for me
@user-lj6hj1sh4n 1 year ago
I also encountered the same problem, deleted the required line from opensearch.yml, did systemctl restart graylog-server, but still Elasticsearch exception [type=illegal_argument_exception, reason=key [types] is not supported in the metadata section].
@ArmAikido 10 months ago
The problem can be solved by installing Graylog 5.0 with MongoDB 6.0
@NareshKumar-hw4nl 8 months ago
Hi. Please comment out the line under /etc/wazuh-indexer/opensearch.yml: #compatibility.override_main_response_version: true. This worked for me. I got the same error even after installing Graylog 5.0 and MongoDB 6.0
@surathwalpita 25 days ago
While retrieving data for this widget, the following error(s) occurred: Elasticsearch exception [type=illegal_argument_exception, reason=key [types] is not supported in the metadata section]. Why am I having this error?
@Carbon367 11 days ago
Have the same problem sadly. Did you find a fix?
@totonhaldar4282 5 months ago
খুব ভালো জ্ঞনলস
@pragmatickaos852 2 months ago
I don't understand why Graylog is in the picture. You're already using Fluent Bit, which can already do all the filtering and renaming and much more. It can even integrate with GeoLite2 IP geolocation. I decided not to install Graylog.
@amruth1936 1 year ago
Hi Bro, I followed all your steps regarding Wazuh * and Graylog. Now I am unable to assign a group to the Wazuh agent. Please guide me
@amruth1936 1 year ago
Error is - Assign the agent to a group This section could not be configured because you do not have permission to read groups.
@PawsShip 1 year ago
@taylorwalton_socfortress
@gregg718 1 year ago
Could I do this install on Ubuntu Server or Ubuntu Desktop? I would like to do this using a VM; does that require Docker?
@simoner105 1 year ago
fluent-bit is impossible to install on Kali Linux
@user-zx6yo7yf5w 1 year ago
к
@iamreiver 7 months ago
You pronounce it wrong. Huh Duh Wazuh