API configuration on MISP This guide describes the installation and configuration of the MISP integration for SGBox. It enables users to make API calls, download feeds into SGBox, and perform cross-analyses between SGBox events and MISP data. Enable integration with MISP Generating an API Key Access the MISP web interface as an administrator and go […]
6.3.1 A new version of SGBox that improves a lot of backend features and performance has been released LM – new keywords can be used to query events, to join all parameters of the same category into one: $SOURCEADDRESS, $DESTINATIONADDRESS, $SOURCEUSER, $DESTINATIONUSER SCM – from an events widget of a dashboard, multiple parameter values can […]
Syslog configuration on Darktrace Log in to your Darktrace Management Console. Go to the System configuration > Modules. Look for “Workflow Integrations” > search: Syslog. Enter the details of your SGBox and how to send logs: IP Address/Hostname: The address of SGBox Port: 514 (standard) Protocol: Choose UDP protocol. Format: CEF
Syslog configuration on Deceptive Bytes The procedure is carried out primarily within the platform’s Management Console. Log in to your Deceptive Bytes Management Console. Go to the Settings (or Configuration) section from the main menu. Look for the Integrations or External Logging / Syslog option. Enter the details of your SGBox: IP Address/Hostname: The address […]
Syslog configuration on Sangfor HCI / VDI This article explains how to forward logs from Sangfor HCI / VDI to SGBox: Go to System > Log or Monitor > Log Management
6.3.0 A new version of SGBox that improves a lot of backend features and performance has been released Playbooks can now run on remote probes Playbooks can now execute uploaded custom scripts. Alarms can now be sent to a remote SOC Screenshots can now be added to an alarm Params can now be translated in […]
API Key configuration This article explains how to configure SGBox to interact with the Telegram API in order to send alert messages when a specific event occurs. Requirements: SGBox version 4.2.4 with the LM and LCE modules. A Telegram BOT. There are many tutorials about how to configure a Telegram BOT. We choose @BotFather for our […]
Introduction This article explains how to create your OPSWAT API key and how to configure SGBox PB. API Key configuration Log in to OPSWAT portal: https://my.opswat.com Click on user Settings > Global > Server Integration. Copy your API Key. SGBox Application configuration Log in to SGBox and download OPSWAT application: From SCM > Application […]
Introduction This article explains how to create your Virus Total API key and how to configure SGBox PB. API Key configuration Log in to Virus Total portal: https://www.virustotal.com/gui/sign-in Click on the user icon > API Key. Copy your API Key. SGBox Application configuration Log in to SGBox and download Virus Total application: From SCM > […]