Logsign Unified SO Platform Guide

Getting Started

• EPS Calculator & Disk Planning
• Logsign Unified SO Platform Overview
• System Requirements
• Download and Installation
• Upgrade to Logsign Carbon on User Interface
• Installation of Ubuntu 20.04 & Logsign
• See all 8 articles

Deployment

• Large-scale Logsign Deployment Overview
• Understanding the Need for a Cluster
• Logsign Cluster Architecture and Services
• Managed Service Providers (MSS) Integration
• Defining Identity For Ldap Authentication
• Usage of Custom Plugin Tool
• See all 11 articles

Integration

• NXLog Configuration
• Routing Linux Based Service Logs to SIEM with using Rsyslog
• Understanding Data Collection Types
• Understanding of Data Collection
• Collects and Analyze Event Information
• Microsoft Active Directory Adding and Authorization
• See all 44 articles

Enrichment Technologies

• Nested Column Architecture
• Event Mapping Technology
• Position Based Enrichment Technology
• Location Based Enrichment Technology
• Geoip Lookup Service Capability
• Ldap / AD Connection Enrichment and Modifier Technology

Search Fundamentals / Data Aggregation

• Understanding Aggregated Data
• Basic Search with Lucene
• Ability to Use Lucene Techniques Query for Search
• Ability to Use Lucene Techniques Query in Incident Management
• Investigating Anomalies by Understanding Behavior
• Add or Remove Result Fields
• See all 10 articles

Security Analytics

• Predefined Dashboards Overview
• Creating a New Category for Dashboard
• Choosing right widgets for log set(s)
• Data Insights and Visualizations with High Possibility Incident Logs
• Health Monitoring and Maintenance Dashboard
• File Access Control Overview
• See all 18 articles

Alert Management

• Understanding Alert Rules
• Creating a New Alert Rule
• Analysis of Alerts
• List & Behaviors
• Understanding Static List
• Understanding the Statistical Lists
• See all 8 articles

Threat Intelligence Service

• Understanding of Threat Intelligence Service
• Enablement of Logsign Threat Intelligence
• Monitoring of Threat Activities

Investigate

• Incident Management Overview
• Incident Investigate
• Incident Lifecycle Management
• Reviewing Alerts and Investigates
• User Risk Score and Trend
• Artifact Overview
• See all 13 articles

Responses

• ServiceNow - Responses Integration
• FortiGate Firewall Responses Integration
• Cyfirma - Responses Integration
• Vcenter - Responses Integration
• IP2LOCATION RESPONSE INTEGRATION
• Mail Integration
• See all 16 articles

Data Management

• EPS Stats & Reading Graphics
• Offline Report Cluster Architecture - Management
• Data Management Resilience and High Availability for Logsign
• Creation Input Filter by Regex
• Index Management in Logsign
• Offline Report
• See all 18 articles

Account and Views ( Delegation )

• Overview of User Management
• Users
• Roles

System

• Network Interfaces
• Date & Time Settings
• Most Used Ubuntu Commands
• System Update
• Power
• Company Settings
• See all 7 articles

Maintenance

• Logsign - External SNMP Settings
• Installing VMware Tools on Ubuntu
• Source Stats
• Health Check Notifications
• Support Platform
• Screen Commands in Linux
• See all 9 articles

Troubleshooting

• Response Integration Troubleshooting
• Mail Notification Troubleshooting
• Alert Engine - Alert Trigger Troubleshooting
• Understanding Logsign System Logs
• Understanding and troubleshooting Ram, CPU, Disk, and Network I/O errors.
• System Notifications and Error Messages
• See all 13 articles