Window's Logs on Steroids! SYSMON - Let's Deploy a Host Intrusion Detection System #10

10,227 views

Taylor Walton

3 years ago

Join me as we install and configure the Windows SYSMON tool, a Windows Event Log collection module on steroids! Let's deploy a Host Intrusion Detection System and SIEM with free open source tools. Join me as we explore and learn together.
Link to previous video: • Capturing User Command...
Check us out: www.opensecure.co/
Interact with our demo: www.opensecure.co/demo
Hire us: www.opensecure.co/contact-us
Link to repo: github.com/OpenSecureCo/Wazuh...

Comments: 6
@AJAY-nw2cz 1 year ago
Taylor, thank you so much! I love Wazuh, and I know many people complain and say Wazuh is a pain to manage, but that's what I love about Wazuh and its granularity that many of the big products don't offer. You are truly a master at your craft. Thanks again for these great videos.
@ronaldratzlaff6672 1 month ago
Hey Taylor, I followed this guide and I get some sysmon alerts in Wazuh (process creation and a few others), but for some reason the DNS query alert rule (101100) seems to not be working for me. I see the DNS queries in sysmon on the windows client, but they are not showing in the Wazuh dashboard. As mentioned, other sysmon alerts do show. Any ideas why that particular rule might fail?
@pawelsmierciak2559 3 years ago
Just one thing is missing here :) When running sysmon for the first time you need to add the option -accepteula, because otherwise it won't install and you won't get any error message :(
@taylorwalton_socfortress 3 years ago
Hey Pawel, thanks for pointing that out :). Command to be run: "sysmon -accepteula -i c:\windows\config.xml"
@khai-vq5hn 2 months ago
Is it possible that I'll be receiving logs in a Wazuh manager deployed locally on VMware Workstation and a Windows 10 VM on Azure?
@khai-vq5hn 2 months ago
I tried a hell of a lot and nothing is working out.