29 | May | 2015 | Michael Ellerbeck

Advertisements

Advertisements

twitter
- My newest #scribit friend R2D2 credit to Sam Hallows https://t.co/fhF0lQ0RbL 6 days ago
- Welcoming R2D2 to my #scibit family. Credit Sam Hallows https://t.co/yIBLJpOgkl 6 days ago
- @Scribit_Design :) twitter.com/mellerbeck/sta… 2 weeks ago
- @ccostan ow 2 weeks ago
- teaching my kids to write on walls.... #scribit https://t.co/DRgdfXYZi0 2 weeks ago
- using the 'illustrated artistic portrait' feature #scribit https://t.co/Kg9wxuhuQE 2 weeks ago
- #scribit more scribit shots https://t.co/UlX2qYoU0N 2 weeks ago
- #scribit After the learning curve, got my #scribit up and running! https://t.co/arGPxzStSt 2 weeks ago
- Good smells for software packages #inductiveautomation #ignition michaelellerbeck.com/2019/09/20/goo… https://t.co/N67Pbx8iw1 3 weeks ago
- wahoo my #scribit is on its way! 1 month ago
- failed to initialize container mounts: failed to create overlay fs for container: mounting overlay solution GreenGr… twitter.com/i/web/status/1… 1 month ago
- Oracle Query Hint michaelellerbeck.com/2019/08/02/ora… 2 months ago
- NtCreateFile(\Device\VBoxDrvStub) failed: 0xc000000034 fix michaelellerbeck.com/2019/07/09/ntc… 3 months ago
- Balluff + PRTG +IoT michaelellerbeck.com/2019/06/25/bal… https://t.co/HQPQonQhgg 3 months ago
- @Kepware Hey a BNI EIP-508-105-Z015 exposes sensors data as JSON, how would you capture this using kepware? 4 months ago

Advertisements

#AlienVault #OSSIM SonicWall Finally got it working

Posted on May 29, 2015 by mellerbeck

Reading here, you have to turn on the plugin globally as well as locally

https://alienvault.bloomfire.com/posts/661002-plugins-management

Pays to read all the documentation!

To get there, configuration, deployment, click the tiny icon system detail on your alienvault center (to the very right magnify glass thingy)

Then click Sensor Configuration. Click Collection.

Search for sonicwall and then add it.

Yay, I see events coming in!

Advertisements

Filed under: Uncategorized | 1 Comment »

#AlienVault #OSSIM any help for sonicwall setup?

Posted on May 29, 2015 by mellerbeck

I’m going to start off with doing the steps found here

https://alienvault.bloomfire.com/posts/596832-device-integration-sonicwall/public

I mean what can go wrong, right?

The first vid here was instructional

http://webspy.com/most-popular-vendors/sonicwall/analyzing-sonicwall-log-files-with-webspy/

Ok, now to configure AlienVault to receive the Logs,

nano –w /etc/rsyslog.d/sonicwall.conf

if ($fromhost-ip == ‘IP_Address’) then /var/log/sonicwall.log

Hmm, got that setup and I can see stuff flowing into the SonicWall.log …. now to turn on the plugin.

Looks like I add the SonicWall as an Asset, (I chose NetworkDevice:Firewall)

Then enable the Dell / Sonicwall Scrutinizer plugin… hmmm but no joy yet though.

Plugin still says receiving data = no.

Finally got it working here -> https://michaelellerbeck.com/2015/05/29/alienvault-ossim-sonicwall-finally-got-it-working/

Filed under: Uncategorized | Leave a comment »