Filebeat: Receiving Docker logs in Kafka
To receive logs from your containers in Kafka topic, we have to do these steps: Install Filebeat echo "deb https://artifacts.elastic.co/packages/8.x/apt…
Threats
OpenSearch Circuit Breakers
OpenSearch employs circuit breakers to prevent nodes from running out of Java Virtual Machine (JVM) heap memory, which could lead…
Splunk: How to Write a Query to Monitor Multiple Sources and Send Alert if they Stop Coming
Step 1:Write a Query to Monitor Multiple Sources Identify the log sources you want to monitor. Create a Splunk search…
SmokeLoader Malware Detection: Notorious Loader Reemerges to Target Companies in Taiwan
The nefarious SmokeLoader malware resurfaces in the cyber threat arena targeting Taiwanese companies in multiple industry sectors, including manufacturing, healthcare,…
Using a Custom Script to Trigger an Action in Monit
Let’s see how to use a custom script to trigger an action if a service has restarted or if there…
How to Update GeoLite2 Database in ArcSight Manager
To update the GeoLite2 database in your ArcSight Manager environment, follow these steps: 1. Register on the MaxMind Portal Visit…
Finalizing Your AWS WAF Web ACL Configuration
After adding rules and rule groups as suggested in this article, complete your web ACL setup.You have to do these…
Configuring Elasticsearch Authentication with LDAPS
LDAP (Lightweight Directory Access Protocol) is a popular method for centralizing user authentication and access control across an organization. Configuring…
Get started with ISM (Index State Management)
To start with Index State Management, first of all, you need to set up policies.You can use Visual Editor or…
HATVIBE and CHERRYSPY Malware Detection: Cyber-Espionage Campaign Conducted by TAG-110 aka UAC-0063 Targeting Organizations in Asia and Europe
For nearly three years since the full-scale war in Ukraine began, cyber defenders have reported a growing number of russia-aligned…