Use the collector to run a Vulnerability Scan This article explains how to configure a collector as a probe for SGBox.This is useful if you want delegate the Vulnerability Scan job to collector instead SGBox. Requirements: A collector must be deployed and configured to communicate with SGBox. Show this section Loging to the SGBox Web […]
The correlation rules A correlation rule is used to alert the admin when an event, or a series of events, occur in a specified time range.In order to create a new simple rule you have to: Requirements: A mail server must be configured. Look Configure a Mail server section to see how to configure a […]
Launch a Scan This section explains how to launch a vulnerability scan. SGBox uses, by default, the OpenVAS engine to test vulnerabilities on host groups (assets). To run it, you need to: Requirements: OpenVAS must be configured. Look This section to see how to configure OpenVAS. A asset must be prepared to OpenVAS. Look this […]
How to prepare an asset to NVS This article explains how to prepare an asset to NVS. In this way, the hosts that are part of it, can be used as target of the scan test. For more information about the assets, look the article that explains how to create an asset. Requirements: The asset […]
How to configure Syslog on Debian On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. apt-get -y install rsyslog Edit “rsyslog.conf” file vi /etc/rsyslog.conf Add the following row in order to send only authentication logs. […]
On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. yum -y install rsyslog Edit “rsyslog.cong” file vi /etc/rsyslog.conf Add the following row in order to send only authentication logs. Is possible use the IP or […]
On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. yum -y install rsyslog Edit “rsyslog.cong” file vi /etc/rsyslog.conf Add the following row in order to send only authentication logs. Is possible use the IP or […]
Syslog configuration on Ubuntu On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. apt-get -y install rsyslog Edit “50-default.conf” file vi /etc/rsyslog.d/50-default.conf Add the following row in order to send only authentication logs. Is possible […]
How to configurate Syslog on Bitdefender GravityZone This guide provides instructions to configure Bitdefender GravityZone to forward Bitdefender GravityZonelogs via syslog. The configurations detailed in this guide are consistent with Bitdefender GravityZone (on-prem) v6.5 to 7.0. Requirements: Note: Bitdefender GravityZone supports the syslog option from v6.50 to 7.0. Following are the steps to configure Bitdefender […]
How to configurate Syslog on PFSense Log in to PFSense using web interface. Click on Status > System Logs > Settings On section Remote Logging Options put the SGBox IP and choose the port 514 From SGBox WebUI PFSense Package: SCM > Application > Pacakges