kees-closed
I want to use tlog in ELK as well as part of our SIEM. Would be really great if there was a way to parse tlog recordings in ELK.
Regarding #50; the latest version of PSAD has finally landed in Fedora. Now I also get this warning: > You may just need to add a default logging rule to...
I don't think a default drop policy is required, my last rule for input and forward drops all. When I start PSAD with `psad --debug` I see that it, for...
My issue was resolved with psad-2.4.6-1.fc29.x86_64
I think the problem is this, it's just an educated **guess**, I didn't have time to check the source code:
```
MIN_DANGER_LEVEL 1;
EMAIL_ALERT_DANGER_LEVEL 3;
EMAIL_LIMIT 50;
```
`MIN_DANGER_LEVEL` must...
I noticed that the issue is "solved" when using the `memgraph`. So something about memory stats are not collected, unless the `memgraph` is included as well? In my case: ```...
This is indeed an easy way to create an out of band session, start an SSH connection with X-Forwarding enabled and start `xterm`. Of course you can disallow X-Forwarding. But...
> I'm also quite interested in a solution for this, as disabling output logging is the only reasonable solution, and that sorta.. defeats the purpose of tlog. In my case...
> > Does that work for both directions of an rsync? Because you can pull and push files, maybe that uses either input or output for those scenarios? > >...
Is the PSAD project still maintained?