Associate Collector to Tenant This operation is needed in order to forward logs to the correct SGBox tenant. It can be done in two ways: from the collector with the “Register collector” option (https://www.sgbox.eu/en/knowledge-base/the-sgbox-collector-v6/#Register_the_collector). You need to insert the “key probe for connection” you chose when the tenant was created (in our example, https://www.sgbox.eu/en/knowledge-base/create-new-tenant/, it is Key1234). On SGBox […]
6.2.2 A new version of SGBox that improves a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates LM/PB: logs mapping and JSON logs PB node adapted for Google logs integration LCE: enabled fixed data passing to the call API action UX improvements on filters, sorting, actions […]
Cato Network – SGBox SIEM Integration Guide This guide explains how to set up the configuration that allows SGBox to make API calls to the Cato Network service in order to collect events in the SIEM, and it will help you analyze events generated by activities related to Network, Security, Sockets, Cato Clients, and more. To complete […]
Qualys scan – with Windows authentication This article describes how to configure Qualys Probe to monitor and perform vulnerability assessments on Windows servers with authentication. Getting started Using host authentication (trusted scanning) allows our service to log in to each target system during scanning. For this reason we can perform in-depth security assessment and […]
Configure login auditing MSSQL (SQL Server Management Studio) This article describes how to configure login auditing in SQL Server on Windows, to monitor SQL Server Database Engine login activity. Login auditing can be configured to write to the error log on the following events: failed logins; successful logins; both failed and successful logins. Use SQL […]
Microsoft 365 (Office 365) – SGBox SIEM Integration Guide This Guide explains how to configure SGBox to make API calls to Microsoft 365 (previously called Office 365) with the purpose of collecting events in SGBox SIEM related to activities managed by Microsoft 365. Requirements To complete the tasks outlined in this guide, you’ll need the […]
6.2.1 A new version of SGBox that improves a lot of backend features and performance has been released Advanced view on parameters when queries are used Various fixes SGBOX > SCM > Applications > SGBox Updates
6.2.0 A new version of SGBox that improves a lot of backend features and performance has been released New Alarm Manager introduced Incident Management reviewed Various fixes SGBOX > SCM > Applications > SGBox Updates
6.1.0 A new version of SGBox that improves a lot of backend features and performance has been released Archive process has been improved Backend queues revisited Various fixes SGBOX > SCM > Applications > SGBox Updates

