WELCOME TO CRONINITY

If an elastic query in the dashboard does not return any records, the dashboard may not display zero values for the visualized data.

Parent Events versus Base Events Concept The diagram below highlights the SOC Triad, with core cybersecurity tools like Network Detection...

If you have the same dashboard content you want to display across multiple similar but different items, it can be extremely cumbersome to...

Authentication Logging for Operating Systems Overview One crucial aspect of cybersecurity involves monitoring logins associated with user...

Elastic - Overview When considering data storage in Elasticsearch, it's common to think of relational databases. However, Elasticsearch...

NIST 800-53 logging controls are primarily categorized within the AU (Audit and Accountability) control family. Within AU, there are...

In cybersecurity, various logging systems are employed, often known as 'Security Information & Event Management' (SIEM) systems when...

Logstash configurations have three main components: Input Filter Output See below an example Logstash configuration file. # /etc/logstash/conf.d/syslog-to-siem.conf # ───────────────────────────────────────── # INPUT — where Logstash receives log data # ───────────────────────────────────────── input { syslog { port => 514 # listen for rsyslog UDP/TCP on port 514 type => "syslog" # tag all events with a type for routing later } } # ─────────────────────────────