6.2.2 A new version of SGBox that improves many backend features and performance has been released. SGBOX > SCM > Applications > SGBox Updates LM/PB: logs mapping and JSON logs PB node adapted for Google logs integration; LCE: enabled fixed data passing to the call API action; UX improvements on filters, sorting, actions […]
Cato Network – SGBox SIEM Integration Guide This guide explains how to set up the configuration that allows SGBox to make API calls to the Cato Network service in order to collect events in SIEM and will help you analyze events generated by activities related to Network, Security, Sockets, Cato Clients, and more. To complete […]
Qualys scan – with Windows authentication This article describes how to configure Qualys Probe to monitor and perform vulnerability assessments on Windows servers with authentication. Getting started: Using host authentication (trusted scanning) allows our service to log in to each target system during scanning. For this reason we can perform in-depth security assessment and […]
Configure login auditing MSSQL (SQL Server Management Studio) This article describes how to configure login auditing in SQL Server on Windows, to monitor SQL Server Database Engine login activity. Login auditing can be configured to write to the error log on the following events: failed logins; successful logins; both failed and successful logins. Use SQL […]
Microsoft 365 (Office 365) – SGBox SIEM Integration Guide This guide explains how to configure SGBox to make API calls to Microsoft 365 (previously called Office 365) with the purpose of collecting events in SGBox SIEM related to activities managed by Microsoft 365. Requirements: To complete the tasks outlined in this guide, you’ll need the […]
6.2.1 A new version of SGBox that improves many backend features and performance has been released. Advanced view on parameters when queries are used; various fixes. SGBOX > SCM > Applications > SGBox Updates
6.2.0 A new version of SGBox that improves many backend features and performance has been released. New Alarm Manager introduced; Incident Management reviewed; various fixes. SGBOX > SCM > Applications > SGBox Updates
6.1.0 A new version of SGBox that improves many backend features and performance has been released. Archive process has been improved; backend queues revisited; various fixes. SGBOX > SCM > Applications > SGBox Updates
Custom reports are used to filter search results and extract information from different classes. To create a Custom Report, go to LM > Custom Report; this page opens the list of existing reports, but you can also create a new one. Requirements: SGBox version 6.0.0 Main Page: The main page displays information about the Custom Reports, […]
LCE → Rules 📝 Add and modify new rule This page allows you to create and edit a rule. A correlation rule is used to alert the admin when an event, or a series of events, occurs in a specified time range. ✔️ Requirements: A mail server must be configured. Check the Configure a Mail […]