VIVI

Security shenanigans


Tag: logging

Attack Infrastructure Logging – Part 4: Log Event Alerting

March 23, 2018 | September 4, 2020 | VIVI

Attack Infrastructure Logging Series: Part 1: Logging Server Setup | Part 2: Log Aggregation | Part 3: Graylog Dashboard 101 | Part 4: Log Event Alerting

Quick recap: we set up a Graylog logging server, configured it to collect logs from multiple attack infrastructure assets and visualised some of this log data on a custom dashboard. I’ll be wrapping up this…

Attack Infrastructure Logging – Part 3: Graylog Dashboard 101

March 23, 2018 | September 4, 2020 | VIVI

Attack Infrastructure Logging Series: Part 1: Logging Server Setup | Part 2: Log Aggregation | Part 3: Graylog Dashboard 101 | Part 4: Log Event Alerting

The last 2 posts of this blog series had us setting up a logging server and aggregating logs into it from our various attack infrastructure assets. This brief post will go over setting up a…

Attack Infrastructure Logging – Part 2: Log Aggregation

March 23, 2018 | September 4, 2020 | VIVI

Attack Infrastructure Logging Series: Part 1: Logging Server Setup | Part 2: Log Aggregation | Part 3: Graylog Dashboard 101 | Part 4: Log Event Alerting

In my previous post I covered setting up a Graylog2 logging server. In this post, we’re going to start getting some logs from our infrastructure assets into our Graylog installation. The number and type of…

Attack Infrastructure Logging – Part 1: Logging Server Setup

March 23, 2018 | September 4, 2020 | VIVI

Background: One of my goals this year was to improve my infrastructure log management procedures during engagements. Up until quite recently my log management technique was opening a couple of terminal tabs, SSH-ing into all my infrastructure assets and cat-ing, tailf-ing and grepping the log files I was interested in. As you can imagine this…
