Introduction In this article is explained how to create your Virus Total API key and how to configure SGBox PB. API Key configuration Log in to Virus Total portal: https://www.virustotal.com/gui/sign-in.Click in user icon > API Key Copy your API Key SGBox Application configuration Log in to SGBox and doownload Virus Total application:From SCM > […]
Syslog configuration on Proxmox On linux environment is not necessary to install a specific agent to send log to SGBox. The syslog protocol will be used. If not already present, install rsyslog packet. apt-get -y install rsyslog Create file “20-SGBox.conf” file vi /etc/rsyslog.d/20-SGBox.conf Add the following row in order to send only authentication logs. Is […]
How to configurate Crowdstrike This guide provides instructions to configure Crodstrike console to send log to SGBox. In order to do that an additional software provided by Crowdstrike must installedi in your environment, alternatively you can use Crowdstrike application provided by SGBox. Following are the steps to configure Crowdstrike API client: Click on Configuration > […]
Troubleshooting on NVS In this guide, we show you how to perform debugging: to resolve certain issues that may arise on the NVS module and scan it manages. Troubleshooting “Hosts Not Alive” ProblemDuring the host discovery phase, the service checks if the host to be scanned is up and running in order to avoid wasting […]
Cynet – SGBox SIEM Integration Guide Configure Cynet to send syslog notifications to a remote Syslog. On your Cynet web interface, go to Setting > Advanced. Select the box beside Send Audit Records to SIEM. Go to Configuration > SIEM settings and enable the following configuration:– TCP– IP – public IP address of your syslog server– Port – port that […]
Troubleshooting on Collector 6 In this guide, we show you how to perform debugging: to quickly check if the collector has all the main processes active for correct communication with the Host or SGBox appliance. Docker and containers Collector 6 introduces the use of docker and containers, to activate them correctly, it is necessary do […]
6.2.5 A new version of SGBox that improve a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates SCM: different dashboards can now be opened simultaneously in tabs LM: CSV export added in query builder page and class/pattern analysis detail view LM: Syslog now supports log forwarding. […]
6.2.3 A new version of SGBox that improve a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates Various fixes
6.2.4 A new version of SGBox that improve a lot of backend features and performance has been released SGBOX > SCM > Applications > SGBox Updates Various fixes
In this guide, we show you how to perform network debugging: to quickly check that a port on a server is reachable from SGBox. You can perform network debugging using the SGBox CLI tool.Connect via SSH (using a programme such as Putty or a virtualisation console) to SGBox, specifying the user CLI and the password […]