Irrespective of the built-in logging capabilities of a Windows server, we can configure additional software for substantial host-level auditing.
Microsoft Sysinternals offers System Monitor (Sysmon) as an add-on for advanced threat auditing: it performs deep system-level monitoring, observes network activity, tracks code behavior, and so on.
It does not generate alerts, perform analysis, or hide its presence from attackers; instead, it runs as a background service and relies on system drivers. This article shows how to install Sysmon on Windows and demonstrates how to forward its events to QRadar.
Before installation, download a filter file sysmonconfig-export.xml to…
Zsh is a powerful, customizable Unix shell. It is a command-line interpreter that incorporates rich features of other Linux shells and offers features like loadable modules, tab completion, regex integration, and much more.
Any user who is relatively new to Linux will have used Bash, the Bourne-Again Shell. It is a shell with progressive features, and it ships as the default shell on Unix/Linux systems. However, an experienced user will look for ways to improve shell interaction. Hence, users migrate from Bash to Zsh.
Zsh is also supported by a community-driven open-source framework, oh-my-zsh. …
A Guide to Central Logging System
Logs are a critical component of any network infrastructure. They hold a wealth of diagnostic information, from the kernel's operations, applications, daemons, and service events to network activity, user actions, and so on.
They provide transparency into server events and help troubleshoot Linux system issues. The ideal practice is to aggregate logs in a single location where the log data can be managed and viewed. Centralizing logs protects against accidental data loss and ensures the logs remain accessible when a server becomes unresponsive.
The most popular of all tools for log centralization in Linux systems is Rsyslog…
The idea of self-learning sounds too perfect to be true. But we have to admit it: we have all been there, staring bewilderedly at an immense sea of information with uncertainty, doubt, and hesitance, all at once. And it is worse if you have ADHD.
A novice self-learner struggles to make effective learning choices because they do not know much about the subject and get distracted by every new piece of information that catches their attention. It is like having a map with no compass.
Even though the abundance of online resources, courses, and communities has reduced this problem to some extent. …