Neil Brown on Nostr: I've been spending some of my "free" time recently trying to get my head around ...
I've been spending some of my "free" time recently trying to get my head around Wazuh, as as FOSS SIEM tool.
So far, I'm impressed, but still very much finding my way around.
Today's tinkering was working out how to suppress some false-positive alerts, and setting up email alerts for critical and serious alerts.
I wonder if I will wake up tomorrow (after tonight's automated vulnerability scans) to an inbox of alerts, or if my overrides will have worked...
So far, I'm impressed, but still very much finding my way around.
Today's tinkering was working out how to suppress some false-positive alerts, and setting up email alerts for critical and serious alerts.
I wonder if I will wake up tomorrow (after tonight's automated vulnerability scans) to an inbox of alerts, or if my overrides will have worked...