Selected tag: eventlog analyzer

When we first adopted Elasticsearch as NetVizura’s primary datastore, we were working with version 6.8. Even back then, Elasticsearch proved to be a powerful and efficient solution for storing diverse data in a single index.

The move to version 7 marked a major step forward. It brought significant performance improvements and introduced syslog support, making our platform even more

Logging is quintessential in figuring out problematic behavior of your machine. Windows logs can sometimes be muddled and not straightforward which can lead to increased time for debugging or troubleshooting problems. EventLog steps up to spotlight for collecting, reviewing and optionally alerting on all data you receive from your Windows servers and workstations. In some cases, centralized

Every administrator knows that alert notifications are salt of the earth in his day-to-day struggle with myriad of data. Today we will be looking at an example of EventLog alert notifications on Cisco router and how it can point to possible problems with regular functioning of it.

1. Cisco EventLog configuration

Basic logging information in Cisco equipment is pretty easy and

Collecting logs from Linux machines

In modern times, logs are everything. In this text you can find bits of information about your machines' performance and problematic behavior. As Linux is de facto standard in servers all around the world, we need to subdue their information in order to monitor availability and performance. EventLog Collector on the other side are servers used for gathering

Having administrator job these days means overseeing numerous IP devices, so logging is somewhat indispensable. Every info, warning and error occurred on these devices needs to be logged and saved for possible inspection. We here provide you with 5 reasons for using EventLog Analyzer in your day to day job:

1. Compliance

By various compliance standards (iso27001 for example) your

We covered Fortinet's regular NetFlow and Syslog configuration in a different blog post some time ago. For some Fortigates, there isn't a NetFlow option. Instead, there are only Sflow configuration options on the machines.

If you have missed the previous blog post, here is the link - Fortinet NetFlow and EventLog configuration.

In the beginning, we need to configure the global options

Sonicwall is one of the leaders in the cybersecurity and next-generation firewalls market. Also, this is one of the first companies that recognized a need for networked cybersecurity and observability on-prem and in the cloud. Their products can be physical, aimed at a wide range of customers from SMBs to Large enterprises, as well as virtual firewalls. Today we will configure virtual NsV 270

The OpenWrt Project is a Linux operating system that targets embedded devices. Instead of static firmware images, OpenWrt provides a filesystem with a package manager, similar to regular Linux systems. OpenWrt now supports numerous architectures, so you can install it on pretty much anything, even on hypervisors.

NetFlow configuration

For the NetFlow configuration, we will use

Sophos Firewall Operating System (SFOS) is a purpose-built OS that is the core of Sophos XG firewall. The architecture has multiple options for mitigating the latest threats and modern-day features like SD-WAN, cloud application traffic, etc. Sophos has a great GUI that makes the configuration quite easy, and you would rarely need to dive into CLI.

 

NetFlow

Since Ubuntu 16.04 is approaching its end-of-life (you can, of course, extend it with ESM though that's another story), there is a need to keep your system up-to-date. Unlike CentOS and Red Hat, which don't support in-place upgrades, Ubuntu (and Debian) support upgrading to the new LTS on-the-go.

Procedure

Before we start the upgrade procedure on the NetVizura server, we need