Cynet – SGBox SIEM Integration Guide Configure Cynet to send syslog notifications to a remote syslog server. On your Cynet web interface, go to Setting > Advanced. Select the box beside Send Audit Records to SIEM. Go to Configuration > SIEM settings and enable the following configuration: – TCP – IP – public IP address of your syslog server – Port – port that […]
Troubleshooting on Collector 6 In this guide, we show you how to perform debugging: how to quickly check whether the collector has all the main processes active for correct communication with the Host or SGBox appliance. Docker and containers Collector 6 introduces the use of Docker and containers. To activate them correctly, it is necessary to do […]
6.2.5 A new version of SGBox that improves a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates SCM: different dashboards can now be opened simultaneously in tabs LM: CSV export added in query builder page and class/pattern analysis detail view LM: Syslog now supports log forwarding. […]
6.2.3 A new version of SGBox that improves a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates Various fixes
6.2.4 A new version of SGBox that improves a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates Various fixes
In this guide, we show you how to perform network debugging: how to quickly check that a port on a server is reachable from SGBox. You can perform network debugging using the SGBox CLI tool. Connect via SSH (using a program such as PuTTY or a virtualisation console) to SGBox, specifying the user CLI and the password […]
Introduction To be able to receive logs from a Sophos appliance, syslog must be configured. Example configuration NOTE: this is only an example configuration; the options may change due to different versions or changed options. Connect to your Sophos firewall system. Choose System services > Log settings and click Add. Enter a name. Specify settings […]
Associate Collector to Tenant This operation is needed in order to forward logs to the correct SGBox tenant. It can be done in two ways: from the collector with the option “Register collector” (https://www.sgbox.eu/en/knowledge-base/the-sgbox-collector-v6/#Register_the_collector). You need to insert the “key probe for connection” you chose when the tenant was created (in our example https://www.sgbox.eu/en/knowledge-base/create-new-tenant/ it is Key1234) On SGBox […]
6.2.2 A new version of SGBox that improves a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates LM/PB: logs mapping and JSON logs PB node adapted for Google logs integration LCE: enabled fixed data passing to the call API action UX improvements on filters, sorting, actions […]

