Cyberkryption

Results 10 comments of Cyberkryption

This is excluded, note the section starting process on match = exclude On Thu, 13 Jun 2019, 23:51 ClintRajaniemi, wrote: > I'm new to working with Sysmon and I'm interested...

That will depend on your config. Are you logging cmd.exe events? If so, it will log this. To answer your question, please post config if you can. On Sat, 8...

Hi soukoye, Did you try just ping.exe in uppercase like your example event? Excluding cmd.exe parent events means that you will have no visibility into anything typed in a command...

I will try setting the ```elasticsearch_version=7``` in the graylog server.conf. I want to confirm whether the hostname check is part of the Elasticsearch version check. If it...

OK, I rechecked. I set ```elasticsearch_rversion=7``` and ```elasticsearch_disable_version_check = true``` in server.conf. I also tried setting the hostname to the FQDN of the server using hostnamectl but I still get the following...

I can upload the exported vm for you to download and save you config time if you want.

Hi Tomas, An update. I have checked the certificates are in the cacerts trust store. I imported them in .pem format as below. ``` [cyberkryption@opensearch certificates]$ sudo keytool -list -alias...

@luckman212 Mine is binding to an IP address in my local network. ``` curl -XGET https://opensearch.cyberkryption.local:9200 -u 'admin:admin' --insecure { "name" : "opensearch", "cluster_name" : "graylog", "cluster_uuid" : "F_m6D20qSRm9ttiF0ySuBw", "version"...

Hi Marco, Please close the ticket as I won't have the time for a few weeks to retest. Cyberkryption On Wed, 13 Jul 2022, 09:10 Marco Pfatschbacher, ***@***.***> wrote: > @cyberkryption...

Please fix this as it breaks many other projects that rely on govalidator. Also the fact that it is incompatible with main go uuid library is poor.