Syspanda

SysOps & Security

Author: Pablo Delgado

Collecting and sending Windows Firewall Event logs to ELK

by Pablo Delgado on October 4, 2017 (updated October 5, 2017)

Monitoring Windows Host-based firewall: Host-based firewalls are a great way to monitor any strange connections that might be sourcing from your system, or if there are any unexpected internal connections within… [Continue Reading]

Troubleshooting ELK Elasticsearch & Logstash Pt 2 of 2

by Pablo Delgado on October 3, 2017

Troubleshooting Logstash: Logstash is our log parser and shipper that gets logs and writes them to the Elasticsearch database, which creates a daily or weekly index depending on your configuration…. [Continue Reading]

Troubleshooting ELK Elasticsearch & Logstash Pt 1 of 2

by Pablo Delgado on October 3, 2017 (updated August 8, 2018)

How to Troubleshoot Elasticsearch: You might find yourself attempting to view Elasticsearch logs through Kibana and realize that you have not been receiving logs for quite some time. Unfortunately, Elasticsearch… [Continue Reading]

Monitoring Elasticsearch Nodes for Low Disk space

by Pablo Delgado on September 28, 2017

Scenario: You log in to Kibana and notice there are no new logs within the past 15 minutes; the last time you received a log was 18 hours ago. You then run… [Continue Reading]

Patching Production servers with WSUS & Powershell

by Pablo Delgado on September 27, 2017 (updated September 28, 2017)

Patch management should be at the top of your priorities as a Sysadmin, and as a Security Analyst you should also be on top of the latest patches released by… [Continue Reading]

Certifications: Preparing for and passing CISSP!

by Pablo Delgado on September 20, 2017 (updated September 24, 2017)

If you’ve been in the Security field for some time now, you may have realized the importance of obtaining certain certifications. Whether you’re more hands and want to be on… [Continue Reading]

Detecting Outbound connections Pt. 3 – Microsoft IPs & Private IPs

by Pablo Delgado on August 31, 2017 (updated March 27, 2018)

At this point you’re still excited about logging any outbound connections made by your endpoints, especially knowing exactly “what” made those connections (.exe, .dlls, .tmp, etc.) because of Sysmon. Now… [Continue Reading]

Detecting Outbound connections Pt. 2 – Logstash + Threat Intelligence

by Pablo Delgado on August 26, 2017 (updated September 3, 2017)

Now that you have been collecting outbound connection logs from Sysmon or your firewalls, the next step is to ask ourselves, how do we enhance that data? Geo-tagging IP addresses,… [Continue Reading]

Critical Control # 2: Inventory of Authorized and Unauthorized Software

by Pablo Delgado on August 25, 2017 (updated October 24, 2017)

You can’t control what you can’t see: Do you have a list of approved and trusted applications in your environment? Are you sure? What about those 3rd party add-ons that… [Continue Reading]

Detecting Outbound connections Pt. 1 – Sysmon

by Pablo Delgado on July 13, 2017 (updated August 30, 2017)

I’ve been using Sysmon for quite some time now and it has made my life much easier when hunting for unknown processes or looking for outbound connections. My use case… [Continue Reading]
