Search Results

215 total results found

Log Sources vs. Log Collectors

Log Collector Installations

Log Sources vs. Log Collectors Log Sources: Definition: Log sources are the origin points where log data is generated. These can be operating systems, applications, network devices, cloud services, and more. Examples: Windows Event Logs, Apache Web Se...

Log Collector Installation - Windows Automatic

Log Collector Installations

Log Collector Installation in CyTech - Aquila This guide outlines the step-by-step process for deploying the Elastic Agent as a log collector within the CyTech - Aquila environment. Following these instructions will establish a secure and automated mechanism ...

Log Collector Installation - Windows Manual

Log Collector Installations

Log Collector Installation in CyTech - Aquila This guide outlines the step-by-step process for deploying the Elastic Agent as a log collector within the CyTech - Aquila environment. Following these instructions will establish a secure and automated mechanism ...

CyTech AQUILA - Cloud Security Posture Management (CSPM) Module

Log Collector Installations

Overview: CSPM helps secure your cloud infrastructure by discovering and evaluating cloud services (e.g., storage, compute, IAM) against CIS benchmarks to identify and remediate configuration risks that may affect data confidentiality, integrity, and availabi...

GCP and CSPM-GCP Integration

System Integrations

This Google Cloud integration collects and analyzes a wide range of logs and metrics to provide comprehensive visibility into your cloud environment. It ingests Firewall Logs, VPC Flow Logs, DNS Logs, and Load Balancing Logs exported from Cloud Logging via a P...

GCP - How to enable Cloud Asset API

System Integrations

Please refer to these instructions to enable Cloud Asset API. To enable the Cloud Asset API for your Google Cloud project, follow these steps: Go to the Google Cloud Console: Navigate to Google Cloud Console. Select Your Project: ...

GCP - How to Add a Role

System Integrations

Go to the Google Cloud Console. Navigate to IAM. Click on "IAM & Admin" in the left navigation menu. Select "IAM" from the submenu. Find your service account. In the IAM permissions list, locate your existing service accoun...

GCP - Setup a Log Sink

System Integrations

Setup Log Sink Using Google Cloud Console Navigate to "Logging" > "Log Router" > "Create Sink". Provide a Sink name and description. For Sink destination, select "Cloud Pub/Sub topic". Choose an existing topic "cytech-elasticsearch". Unde...

Phishing Campaign - Setting Up Microsoft o365

System Integrations

Why Whitelist in Office 365? Whitelisting ensures the CyTech - AQUILA Phishing Simulation (PS) Module functions without issue and prevents PS emails from being automatically moved to the spam folder or notifying users about potential phishing emails. The Conne...

Restart Log Collector Agent - Windows

Log Collector Installations

Brief Description The Log Collector Agent is a single, unified tool that simplifies adding monitoring capabilities to your systems. It can collect various data types, including logs, metrics, and security information, from your hosts. Locating Log Collector Agen...

Whitelist Microsoft Office 365

System Integrations

Why Whitelist in Office 365? Whitelisting ensures the CyTech - AQUILA Phishing Simulation (PS) Module functions without issue and prevents PS emails from being automatically moved to the spam folder or notifying users about potential phishing emails. The Conne...

CrowdStrike Integration - using API

System Integrations

Steps to Get Client ID and Client Secret in CrowdStrike Falcon Log in to the Falcon Console Go to: https://falcon.crowdstrike.com Use your admin credentials to log in. Navigate to API Clients and Keys Click on the "Support" (questi...

Whitelist Cisco IronPort (ESA)

System Integrations

Whitelist Cisco IronPort (ESA) for CyTech – AQUILA Phishing Simulation Why Whitelist in Cisco IronPort? Whitelisting ensures that the CyTech - AQUILA Phishing Simulation (PS) emails are delivered without interference from Cisco IronPort’s anti-spam and threa...

Automatically Fetch User Accounts without Manually Importing for OneLogin (via SCIM)

System Integrations

OneLogin (via SCIM) Introduction: OneLogin gives users the ability to access the applications and other resources they need to do their job by logging in once to a single interface. Platforms like OneLogin are known as Identity and Access Management (IAM) ...

Palo Alto Firewall Syslog Filter Documentation

System Integrations

Introduction This guide outlines how to configure Syslog filters on Palo Alto Networks firewalls to control which logs are sent to external Syslog servers. Proper filtering reduces noise, focuses on relevant events, and improves SIEM performance. Syslog Over...

Automation on fetching user accounts for Azure

System Integrations

To automatically fetch user accounts into Azure (e.g., for Azure Active Directory / Microsoft Entra ID) without manually importing them, your approach depends on the source of the user accounts. Below are common scenarios and how to automate the sync: From ...

Automation on fetching user accounts for Okta

System Integrations

To automatically fetch user accounts into Okta without needing to manually import them, you should set up a Directory Integration that allows Okta to sync users from an external directory, such as Active Directory (AD), LDAP, or through a SCIM integration. Her...

Troubleshooting Log Collector Installation Issues

Log Collector Installations

STEP 1: Identify Your Log Collector Determine which Elastic component you're using for log collection: Filebeat – Lightweight shipper for forwarding logs. Logstash – Powerful pipeline for data transformation. Elastic Agent – Unified agent that ...

CrowdStrike to SIEM alerts and ruling

System Integrations

Introduction This guide explains how to send security alerts from CrowdStrike Falcon to your Security Information and Event Management (SIEM) system and how to create rules for alert filtering and correlation (ruling). This helps detect threats faster and red...

Automatically Fetch User Accounts without Manually Importing for JumpCloud

System Integrations

JumpCloud Introduction JumpCloud allows you to automate user account creation and syncing without manual CSV uploads by integrating with external identity sources like Active Directory, OneLogin, Okta, Azure AD, or APIs. Automatic User Provisioning in JumpCl...