Phil Hagen

Receiving massive `PHP Fatal error: Uncaught ChrisWhite\\B2\\Exceptions\\B2Exception: Received error from B2: 20 calls/minute allowed for: API_AUTHORIZE_ACCOUNT_CALLED` error messages via the ILAB MediaCloud plugin. I suspect this is related.

Good timing - just got our last stuff turned in so I've (finally) got cycles between now and editorial review. Only a few questions - overall I think all is...

for FOR509: - install httpd and nc rpms - remove/rename/disable welcome.conf - create EWB config: ``` RedirectMatch ^/$ /workbook/ ExpiresActive On ExpiresDefault "access plus 1 second" ``` - enable and...

this is just a placeholder to remind myself i need to add comments everywhere... it'll be a straightforward process, just need to allocate the time to document (and improve) the...

IIS logs are parsed from the `/logstash/httpd/` directory. The `grok` statements in the configuration file are applied at lines 51-58: https://github.com/philhagen/sof-elk/blob/47f730bc0200c7a72ce582c67b438ba3356f013c/configfiles/6100-httpd.conf#L51-L58

https://redmine.openinfosecfoundation.org/projects/suricata/wiki/_Logstash_Kibana_and_Suricata_JSON_output

oooh! this is a great idea. I have an idea on how to do that - will need some work and testing, but I think we can do that. thanks...

will only do this for the public release, not for classroom version. (latter is not publicly distributed, and is locked to courseware version.)

https://github.com/Cyb3rWard0g/HELK/commit/e81a98a745a4d02acc9d346865aeb312b3ee599d#diff-81497c6343ac648c68637062cf1ba082

I had to replace any backslash (`\`) characters in the AuditData JSON with forward slashes (`/`) to prevent the JSON handler from failing. I don't like to do these things...