BRO and Fortinet Content Packs on Graylog Marketplace

Content Packs for Graylog Lately, I have been working with Graylog a lot so I decided to update a few items on github and update their entries on the Graylog marketplace website. BRO content pack for Graylog The BRO IDS content pack contains pipeline rules, a stream, a dashboard displaying interesting activity, and a syslog […]

Replace rsync with lftp for remote file copies on Linux

Rsync is an awesome tool that I have used extensively. However, I think it is time to explore other tools that can replace some of what rsync has been doing for so many years. I’m not saying that you should never use rsysnc. What I am saying is there are other options and in some […]

Patching a Standalone ESXi host using the shell

Overview As with any system running software, you are going to have to apply patches to it at some point and VMware is no different. VMware recommends customers install all security patches to maximize the protection that VMware provides. For a list of all security patches, you can go here Login with your myvmware […]

RedHat Subscription Management

Subscription Management using subscription-manager Register a System subscription-manager register --username <username> --password <password> --auto-attach Disable managed yum repositories subscription-manager config –rhsm.manage_repos=0 Enable a specific channel subscription-manager repos –enable rhel-6-server-optional-rpms Sync RHN Profile rhn-profile-sync From

Upgrading salt-minion on Windows using Salt

Upgrading the Salt Minion For installation, follow the instructions on the saltstack website Upgrade the Windows salt-minion Login to the salt-master server and cd to the files directory cd /srv/salt/server-base/file Download the latest Version from the SaltStack Website ( wget Copy the newest version out to all the Windows servers based on architecture salt […]

Resize an LVM Partition on VMware

Accommodate growth of a VM by expanding an LVM partition At some point, a “physical volume” may have to be enlarged to accommodate growth on a VM. This is how you grow the filesystem of an existing VMDK without adding an additional disk to your VM. Enlarging a VMDK login to VMware Find the VM […]

Configure a default zone with firewalld

This is not meant as a full primer for firewalld. It is just meant to document changing the default zone. If you are looking for a more in-depth exposure to firewalld try Check available zones firewall-cmd --get-zones Check active zone firewall-cmd --get-active-zones Get current zone of interface (assumes it is in the public zone) […]

Send Security Onion logs to a centralized Graylog Server

Overview For anyone that doesn’t know, Security Onion is a custom Linux distribution running on Ubuntu that can be used as a Network Intrusion Detection System (NIDS). Security Onion integrates several configurable apps like BRO IDS, Snort, Suricata, and OSSEC to name a few. By default, there is an integrated ELSA Stack that can be […]

Proudly powered by WordPress   Premium Style Theme by