Wazuh Integrations with NGAF, Endpoint Secure or IAM

dw Lv1 Posted 2022-Dec-19 11:52

Has anyone implemented a syslog server, for example using Wazuh, so that the logs from NGAF, ES and IAM are stored and can be analyzed there?

Any suggestions for the best syslog server to use? Which ones have been integrated with Sangfor products?

Thank You

Draiden has solved this question and earned 20 coins.


I'm also planning to build one, and I'm aiming for Security Onion, throwing in all the logs from ES, CC, NGAF, IAM.
Just to get a good picture when it comes to DNS attacks.
Fuji12 Lv3 Posted 2023-Jan-01 16:37
  
ELK is another choice
soneosansan Lv3 Posted 2023-Jan-01 16:34
  
Try to use ELK
nobitachou Lv2 Posted 2023-Jan-01 16:31
  
Kiwi is a good choice
RegiBoy Lv5 Posted 2023-Jan-01 16:26
  
Nice Questions
jetjetd Lv5 Posted 2022-Dec-29 01:17
  
Kiwi Syslog Server is the top choice for collecting, viewing and archiving syslog messages and SNMP traps.
Arleng Lv2 Posted 2022-Dec-28 13:26
  
ELK is a great solution for this
Pat Lv4 Posted 2022-Dec-28 13:06
  
You should try the FREE Kiwi Syslog Server from SolarWinds
Faisal P Posted 2022-Dec-26 21:26
  
Wazuh agents work on a wide range of operating systems, but if this is not possible, you can forward syslog events to your environment.
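
The syslog forwarding mentioned in the reply above, as an added configuration example that is not part of any poster's reply or of Sangfor's documentation: a Wazuh manager `ossec.conf` fragment that accepts syslog only from the listed appliances. The IP addresses are placeholders from the documentation range, and the port and protocol are assumptions that must match what is configured as the syslog target on each device.

```xml
<!-- Added example: fragment for /var/ossec/etc/ossec.conf on the Wazuh manager. -->
<ossec_config>
  <remote>
    <!-- Listen for plain syslog instead of the agent protocol -->
    <connection>syslog</connection>
    <port>514</port>
    <protocol>udp</protocol>
    <!-- Accept events only from these senders (placeholder addresses):
         one entry per NGAF, Endpoint Secure manager or IAM device.
         Events from any other source address are dropped. -->
    <allowed-ips>192.0.2.10</allowed-ips>
    <allowed-ips>192.0.2.11</allowed-ips>
    <allowed-ips>192.0.2.12</allowed-ips>
  </remote>

  <global>
    <!-- Archive every received event, including ones no rule matches,
         so device logs are retained before decoders and rules exist for them.
         Archiving everything increases disk usage on the manager. -->
    <logall>yes</logall>
  </global>
</ossec_config>
```

Restart the manager service after editing the file so the listener starts. Syslog over UDP is unauthenticated and unencrypted, so keep the `allowed-ips` list tight and carry the traffic on a management network.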
Osama Muhammad Lv3 Posted 2022-Dec-26 19:36
  
Try ELK for a log server, but I don't think you need it, as Sangfor has a black box in their firewall.

I hope you know how an aeroplane black box works if the plane crashes.
Jhazz Lv3 Posted 2022-Dec-26 19:18
  
You can try a free syslog server, but it has limited capability. If you need more functions and features, you can go for a paid or subscription-based syslog
