Logsign Unified SO Platform Guide

Getting Started

• EPS Calculator & Disk Planning
• Logsign Unified Security Operations Platform Overview
• System Requirements
• Download and Installation
• Upgrade to Logsign Carbon on User Interface
• Installation of Ubuntu 20.04 & Logsign
• See all 9 articles

Deployment

• Large-scale Logsign Deployment Overview
• Understanding the Need for a Cluster
• Logsign Cluster Architecture and Services
• Managed Service Providers (MSS) Integration
• Defining Identity For Ldap Authentication
• Usage of Custom Plugin Tool
• See all 11 articles

Integration

• Unix - Solaris Integration
• NXLog Configuration
• Routing Linux Based Service Logs to SIEM with using Rsyslog
• Understanding Data Collection Types
• Understanding of Data Collection
• Collects and Analyze Event Information
• See all 45 articles

Enrichment Technologies

• Nested Column Architecture
• Event Mapping Technology
• Position Based Enrichment Technology
• Location Based Enrichment Technology
• Geoip Lookup Service Capability
• Ldap / AD Connection Enrichment and Modifier Technology

Search Fundamentals / Data Aggregation

• Understanding Aggregated Data
• Basic Search with Lucene
• Ability to Use Lucene Techniques Query for Search
• Ability to Use Lucene Techniques Query in Incident Management
• Investigating Anomalies by Understanding Behavior
• Add or Remove Result Fields
• See all 10 articles

Security Analytics

• Predefined Dashboards Overview
• Creating a New Category for Dashboard
• Choosing right widgets for log set(s)
• Data Insights and Visualizations with High Possibility Incident Logs
• Health Monitoring and Maintenance Dashboard
• File Access Control Overview
• See all 18 articles

Alert Management

• Understanding Alert Rules
• Creating a New Alert Rule
• Analysis of Alerts
• List & Behaviors
• Understanding Static List
• Understanding the Statistical Lists
• See all 8 articles

Threat Intelligence Service

• Understanding of Threat Intelligence Service
• Enablement of Logsign Threat Intelligence
• Monitoring of Threat Activities

User Entity Behavior Analytics

• User Entity Behavior Analytics (UEBA) Overview
• Detecting and Investigating Insider Threats with UEBA
• Defining And Management - Identity & Assets For UEBA

Investigate

• Incident Management Overview
• Incident Investigate
• Incident Lifecycle Management
• Reviewing Alerts and Investigates
• User Risk Score and Trend
• Artifact Overview
• See all 13 articles

Responses

• FortiGate Firewall Responses Integration
• Sonicwall Response Integration
• MISP RESPONSE INTEGRATION
• PICUS RESPONSE INTEGRATION
• ARUBA RESPONSE INTEGRATION
• SOPHOS FIREWALL RESPONSE INTEGRATION
• See all 44 articles

Data Management

• Logsign Leaf System Requirements
• EPS Stats & Reading Graphics
• Offline Report Cluster Architecture - Management
• Data Management Resilience and High Availability for Logsign
• Creation Input Filter by Regex
• Index Management in Logsign
• See all 19 articles

Account and Views ( Delegation )

• Overview of User Management
• Users
• Roles

System

• Network Interfaces
• Date & Time Settings
• Most Used Ubuntu Commands
• System Update
• Logsign StandAlone Server Power State process.
• Company Settings
• See all 7 articles

Maintenance

• Logsign - External SNMP Settings
• Installing VMware Tools on Ubuntu
• Source Stats
• Support Platform
• Screen Commands in Linux
• Vlan Tagging for Network Configuration
• See all 8 articles

Troubleshooting

• Leaf Module Detailed Technical Information and Network Troubleshooting
• Response Integration Troubleshooting
• Mail Notification Troubleshooting
• Alert Engine - Alert Trigger Troubleshooting
• Understanding Logsign System Logs
• Understanding and troubleshooting Ram, CPU, Disk, and Network I/O errors.
• See all 14 articles