6.2.5 A new version of SGBox that improves many backend features and performance has been released. SGBOX > SCM > Applications > SGBox Updates. SCM: different dashboards can now be opened simultaneously in tabs. LM: CSV export added in query builder page and class/pattern analysis detail view. LM: Syslog now supports log forwarding. […]
6.2.3 A new version of SGBox that improves many backend features and performance has been released. SGBOX > SCM > Applications > SGBox Updates. Various fixes
6.2.4 A new version of SGBox that improves many backend features and performance has been released. SGBOX > SCM > Applications > SGBox Updates. Various fixes
In this guide, we show you how to perform network debugging, that is, how to quickly check that a port on a server is reachable from SGBox. You can perform network debugging using the SGBox CLI tool. Connect via SSH (using a programme such as PuTTY or a virtualisation console) to SGBox, specifying the user CLI and the password […]
Introduction: To receive logs from a Sophos appliance, syslog must be configured. Example configuration. NOTE: this is only an example configuration; the options may differ between versions. Connect to your Sophos firewall system. Choose System services > Log settings and click Add. Enter a name. Specify settings […]
Associate Collector to Tenant: This operation is needed in order to forward logs to the correct SGBox tenant. It can be done in two ways: From the collector, with the option “Register collector” (https://www.sgbox.eu/en/knowledge-base/the-sgbox-collector-v6/#Register_the_collector). You need to insert the “key probe for connection” you chose when the tenant was created (in our example https://www.sgbox.eu/en/knowledge-base/create-new-tenant/ it is Key1234). On SGBox […]
6.2.2 A new version of SGBox that improves many backend features and performance has been released. SGBOX > SCM > Applications > SGBox Updates. LM/PB: logs mapping and JSON logs PB node adapted for Google logs integration. LCE: enabled fixed data passing to the call API action. UX improvements on filters, sorting, actions […]
Cato Network – SGBox SIEM Integration Guide: This guide explains how to set up the configuration that allows SGBox to make API calls to the Cato Network service in order to collect events in the SIEM. It will help you analyze events generated by activities related to Network, Security, Sockets, Cato Clients, and more. To complete […]
Qualys scan – with Windows authentication: This article describes how to configure Qualys Probe to monitor and perform vulnerability assessments on Windows servers with authentication. Getting started: Using host authentication (trusted scanning) allows our service to log in to each target system during scanning. For this reason we can perform in-depth security assessment and […]