Rules

Default Correlation Rules Explained

IM - Incident Management

Incident Management Manual

Here is a brief video that explains how to use it. All the concepts and features are explained in detail below. Introduction: An incident management tool is a crucial software solution that assists organizations in managing unexpected events or emergencies that occur within the IT environment. It is designed to streamline the incident management process and align […]

Applications

Configure Oracle App

Download and Configure Microsoft SQL App. This article explains how to configure the Oracle App in order to retrieve logs from a specified database table. Requirements: SGBox version 4.2.5. Go to the application list: from SGBox, go to SCM > Applications. Select Vendors Integrations and download the application Log from Oracle. Click on INSTALL. Once Installed […]

Network

Hosts Management

Hosts. The host page shows all hosts present in the internal database of SGBox and allows operations to be performed on them. Document index: Main page New Host Import Host Selection Edit host Multiple Editing Remove Alert explanation Settings Messages. Main Page: in the Total IPs box (1) you can see the number of hosts allowed based […]

Linux

Syslog configuration on AIX

This article explains how to send logs from AIX systems to SGBox. It is not necessary to install a specific agent: the syslog protocol is used. Log in to your AIX system. Edit the “/etc/syslog.conf” file. Add the following line: “auth.info @SGBoxIP”. The auth.info and the IP must be separated by […]

SGBox CLI

Configure SGBox Timezone

Set / Change SGBox Timezone. This article explains how to configure the SGBox timezone. By default the SGBox timezone is set to Europe/Rome. Follow these steps if you need to change it. Connect to the SGBox via SSH (using a program like PuTTY), specifying the user cli. If you haven’t changed them through the wizard, […]

3 - Playbooks Advanced

Playbooks and Dashboards

Triggering a Playbook from a Pattern analysis Dashboard. Create a playbook with a trigger node as the start node. Edit the trigger to set, in the Test parameters section, the same name as the parameter of the event you want to use in the dashboard to trigger the playbook. In the following nodes of the flow, […]

3 - Playbooks Advanced

Playbooks – Samples Package

PB Samples Package. The package provides a set of sample playbooks to test and practice with the PB module and the various nodes available. API Request Playbook. Test API Request: This playbook shows how to use the Generic API Request node. The first node makes a request to an API. The second reads a value from the […]

3 - Playbooks Advanced

Playbooks – Trigger with Query

Triggering a Playbook from an Event Query. Any playbook can be launched as a reaction to a scheduled Event Query when the query finds any result. Simply add the Run playbook action to the query, then select a playbook or choose to create one from scratch. You will be redirected to the playbook configuration page. […]

Database

MariaDB – Enable audit log

Enable Audit log: to enable the global logging feature, you must execute this command as a query inside the database: SET GLOBAL general_log = 'on'. Enable Advanced Audit: inside the DB you must execute these commands as queries in order to enable the full audit feature: INSTALL SONAME 'server_audit'; SET GLOBAL server_audit_logging=ON; SET GLOBAL server_audit_events […]