AlienVault: Monitoring individual sensor Events Per Second [EPS]
In a distributed AlienVault environment, it is important to be able to monitor each individual sensor’s output. In our case, the requirements were to: Monitor each sensor’s generated events over a...

AlienVault: Adding a logger to a distributed deployment
There has been some confusion about how exactly to add a dedicated logger appliance to an AlienVault distributed deployment, that is, a setup where server roles (SIEM server, database, loggers,...

AlienVault ELK Integration
In the last couple of blog posts[1][2] we’ve been exploring how to use the ELK stack as a forensic logging platform. We also had a couple of posts on deploying some AlienVault features [3][4]. In this...