Microsoft Azure Sentinel 101: Daily reports for cost analysis (Jun 9, 2023, pinned)
Monitoring our SIEM environments is a big deal, especially if we have budgets we have to manage as well. Sure there are ways to do this…

Azure Sentinel Workbook/Dashboard: PurpleTeam Event Viewing Dashboard — quickly threat hunt and… (Jun 29, 2024, pinned)
Do you need a quick way to find and view events related to an exercise or an active attack? This dashboard allows you to quickly search…

Connecting Linux to Microsoft Windows Server Active Directory for management and easy access —… (Jun 30, 2023, pinned)
One of the many items people will ask me is: How do you manage your Linux machines in a Windows environment, and can you add them to AD?
Sending OPNSense Syslog, Suricata, and Firewall logs into CRIBL Stream with GEO IP Tagging with log… (Jul 6, 2023, pinned)
OPNSense is a great open source firewall, but it is not the most supported in some cases when it comes to sending its logs into SIEMs. In…

Commandline Auditing — Using different tools to secure your Linux server and environments. (Jul 6, 2023, pinned)
By default Linux does not offer or have any commandline auditing or logging, so you never know who did what, where, when and why. But there…
Advanced Microsoft Sentinel Workbook/Dashboard Design Concepts: color schemes, dynamic CSS content… (1d ago)
Looking for ways to make your workbooks or dashboards more colorful and dynamic? These ideas may be what you need and allow you much more…

Sandfly: Creating Linux Alerts Incidents in Microsoft Azure Sentinel — With KQL Parser buildout (Apr 21)
You can find the complete collection of Sandfly related articles here:

Sandfly: Configuring, Setting up and Sending alerts, events and logs into Microsoft Azure and… (Apr 19)
You can find the complete collection of Sandfly related articles here:

Sandfly: Creating scanning schedules and automatic host detection via discovery — use tagging to… (Apr 6)
This is a follow up from the previous article:

Sandfly and agentless security platform providing Linux auditing, security and monitoring —… (Apr 6)
What is SandFly