Thank you very much for this blue team series. I really appreciate it. Thanks for sharing that knowledge with us. You explain very well; I love your videos. Cheers from Mexico my friend, much respect.
Thanks, it did work very well in my configuration. We tested with the Wazuh cloud; the only difference was in the client configuration, where the log format was: json
Thanks for the session. It's good for beginners like me. However, I cannot figure out what the difference between Snort and Suricata is. What are the use cases where we must use Snort instead of Suricata? Thanks.
Thanks a lot for such an informative session. I have a query: is it possible to send my Suricata alerts to a newly created index rather than sending them to wazuh_alerts*? Can you please guide me in this regard?
I'm following your work here in Brazil!!!! Your channel is very good.
Always the best and very helpful for everyone
Thank you so much for the explanation
Nailed it! Can I ask for the link for Blue Team Series part 1?
I have a query: why are you using Wazuh? And how do I connect Suricata on a "switch/router" to collect all logs connected to my network?
I like you, man. Good luck.
Very nice video !!
Great video!
Brilliant, and I am following.
If we use Wazuh for log analysis, IDS and IPS, then why do we learn about Snort and Suricata, and why do we use these tools?
12:13 wasn't that what you were looking for? It's there!
How would I get the logs from Suricata into Wazuh if Suricata is running on a separate PC?
Never mind. I somehow missed the fact that you used the Wazuh agent on the Suricata PC. Thanks for the video!
Is it possible to forward Suricata logs to Graylog too?
Could you please show us how to install Suricata on Windows? Thanks
Hi! Did you solve your doubt?
Regards.
How to use Suricata as an inline IPS and forward logs to any SIEM (Wazuh/Splunk/AlienVault)?
Very good. I'm following you.
Does Wazuh detect SSH brute force attacks?
Can you connect the Suricata Windows logs to Wazuh?
If so can anyone explain how?
Can this be done with Windows?
Thanks
Nice
Bro, I challenge you: can you hack Awaken monster battle adventure? It is not available in the Play Store.
Quick remark: for me it didn't work on Ubuntu with syslog in ossec.conf, but when I changed it to json I started receiving the logs in the Wazuh manager.