Differences between revisions 14 and 15
Revision 14 as of 2021-04-11 21:46:16
Size: 1566
Editor: scot
Comment:
Revision 15 as of 2021-04-11 21:57:19
Size: 1680
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 10: Line 10:
 * [[https://www.graylog.org/|GrayLog]]  * [[https://www.graylog.org/|GrayLog]] [[https://docs.graylog.org/en/4.0/pages/installation/os/ubuntu.html#ubuntuguide|Ubuntu Install Guide]]
Line 15: Line 15:
{{{#!wiki comment
Not log analyzers that do similar things
Some solutions go beyond simple log aggregators/analyzers to monitor everything... these include:
Line 18: Line 17:
 * PRTG (billed as a network monitor similar to spiceworks, so it does more than
 * Spiceworks (and other variants)
 * !AlienVault (community edition Threat intelligence, now owned by AT&T)
}}}
 * PRTG (includes log analyzing, but may be overkill for what we are doing)
 * ZabbixL https://www.zabbix.com/
 * AlienVault: https://www.alienvault.com/products/ossim

Lab 09 Dashboards - Keeping data under control

Introduction

In the last two labs particularly, we have gathered information. But how do you make sense of it all? Log analyzer and dashboards!

Take the first 15 minutes of lab to research dashboards that you might want to install and use to work with Suricata, OpenVas and your windows systems.

Some solutions go beyond simple log aggregators/analyzers to monitor everything... these include:

Install a system of your choice. If its not on the list, check with me first and if its ok, I'll add it. You should collect information from OpenVas, Suricata, Windows Logs and ubuntu for aggregation in the dashboard of your choice.

Show Me

In less than two minutes:

  1. Show your Dashboard working
    1. Show something from OpenVas

    2. Show something from Suricata
    3. Show something from your Windows Server

NetworkSecurity/Lab/Lab09 (last edited 2021-04-11 22:20:51 by scot)