SOC Prime
24.12.2024
Learn more about OpenSearch flushing, the process of permanently storing data onto disk for all operations that have been temporarily stored in memory.
This guide explains configuring Fluentd to extract structured data from unstructured log messages using the parser plugin with a regular expression (regexp).
Explore how Kafka Streams can be utilized for filtering and correlating events in real time, transforming it into a correlation engine.
Learn how to create a Regex Pattern Set in AWS Web Application Firewall (WAF).
Learn how to improve Elasticsearch cluster performance by fine-tuning certain settings and their descriptions.
21.12.2024
Explore how to use the COLLECT command for creating new events in a new index in Splunk from our blog.
Learn more about using the map command in Splunk to enable secondary searches based on the results of a primary search.
Learn more about Apache Kafka basics, key concepts, and prominent use cases.
20.12.2024
If you are using Logstash and need to enrich event data with geolocation information based on IP addresses, check out this blog.
Learn how to split an existing index into multiple smaller indices by leveraging OpenSearch Split Index API.
19.12.2024
Learn how to decode HEX-encoded data, improve data usability, and streamline your Elasticsearch workflow using Ruby code in Logstash.
Detect UAC-0125 attacks against Ukraine exploiting the “Army+” app to gain remote access to targeted systems with Sigma rules from SOC Prime.
Routing allocation settings dictate how shards are distributed across the nodes in a cluster and are essential for robust cluster management.
Learn how to define multiple processing pipelines within a single Fluentd instance using @label.
18.12.2024
Detect DarkGate malware deployed via Microsoft Teams voice phishing using a set of dedicated Sigma rules from SOC Prime Platform.
Learn how to efficiently monitor and manage index sizes in Elasticsearch, ensuring a stable and well-optimized cluster.
Discover the root causes of JVM GC Monitor Service overhead in Elasticsearch and get recommendations on how to cope with them.
How to optimize OpenSearch Dashboards for your unique needs, ensuring a secure, efficient, and user-friendly experience.
17.12.2024
Learn how to process dot-separated keys to create a nested structure.
Detect UAC-0099 attacks against Ukraine exploiting CVE-2023-38831 and spreading LONEPAGE malware with Sigma rules from SOC Prime.
Learn more about essential Dev Tools Console commands in Kibana to simplify cluster management and troubleshooting as Elasticsearch admin.
Learn how to deal with "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'" warning in Elasticsearch, OpenSearch.
Read the blog by SOC Prime experts and learn how to increase index.max_regex_length in OpenSearch.
14.12.2024
Detect Secret Blizzard APT attacks targeting Ukraine via Amadey malware to deploy KazuarV2 backdoor with Sigma rules from SOC Prime Platform.
Learn how to create a custom rule to send notifications when logs stop coming from any log source.
Learn how to control the level of access to data through roles and users in Elasticsearch.
Learn how to dynamically modify the tags of incoming log records based on their content.
13.12.2024
Learn about the cluster blocks read-only settings, common scenarios in which they occur, and how to restore normal operations.
Detect CVE-2024-50623 exploitation attempts, an RCE vulnerability in Cleo file transfer products with Sigma rules from SOC Prime Platform.
Learn how to manage bot traffic effectively by configuring your web ACL to allow verified bots with AWS WAF Bot Control.
The Threat Bounty November digest brings program insights on released content, the five top-rated rules and authors, and recommendations on known challenges.
Learn how to convert arrays of hashes into a structured key-value format in Fluentd using inline Ruby scripts enabling transformations during log processing.
12.12.2024
Learn how to ensure that the cluster dynamically selects replicas based on their responsiveness.
Learn how to configure the index structure for large volumes of data in Elasticsearch.
Detect cyber-espionage activity against Southeast Asian organizations potentially linked to Chinese groups with Sigma rules from SOC Prime Platform.
Learn how to prevent BufferOverflowError when you receive logs from Kafka and your output can't connect to OpenSearch or Elasticsearch.
11.12.2024
Explore how to enable and manage AWS WAF logging using Amazon CloudWatch Logs.
This article provides a standard template for configuring Logstash pipelines, referred to as the "gold template."
Explore best practices for optimizing the master node to ensure a stable and robust Elasticsearch cluster.
Learn how to manage disk allocation thresholds in an Elasticsearch or OpenSearch cluster.