Logan Lembke

Results 31 comments of Logan Lembke

Kibana and Elasticsearch are crashing since they cannot read the web certificate used to secure the REST API.

> kibana_1 | FATAL Error: ENOENT: no such file or directory, open...

The releases are distributed through GitHub. On the main repository page, click the first link under the `Releases` section in the sidebar. ![image](https://user-images.githubusercontent.com/761220/148147906-da50018c-d7e4-4f7b-8e69-a40ba9f50a84.png) Next, you should see the release notes...

Today, we are volume mounting in the certificates, but no one has tried replacing them. We just need to verify and document that users can change out the certificates in...

The dashboard ndjson file is located at https://github.com/activecm/BeaKer/blob/master/kibana/kibana_dashboards.ndjson

It may be imported using the Saved Objects UI in Kibana (see https://www.elastic.co/guide/en/kibana/current/managing-saved-objects.html). Alternatively, it may be imported using the Kibana API...

Hello, here are the descriptions for the fields you mention:

- TS score: Timestamp score. This score conveys how well the set of delays between connection timestamps matches what we'd...

Here is an additional RITA cheat sheet: https://www.activecountermeasures.com/wp-content/uploads/2021/06/RITA-Cheat-Sheet.pdf

![image](https://user-images.githubusercontent.com/761220/27966098-3ab334c8-62fb-11e7-930e-f1c2eaea5626.png) I do not feel comfortable using that Critical Stack site, and cannot in good faith recommend it.

All fair points. Critical Stack seems awesome in theory. I did a quick search and could not find a decent guide for setting up Bro's intel log without Critical Stack....

If we go down this route, I would prefer to replace Rita-bl. Managing this feed for blacklist results in addition to Rita-bl's results will become unwieldy rather quickly.

I've done a bit more research into the Critical Stack website. Looks like they've been acquired by Capital One. Having a backing company makes me feel a bit more comfortable...