There has been a lot of great work done to generate STIG baselines for the various VMware products. This content is publicly-available on Github under the vmware/dod-compliance-and-automation repository. As I’m currently focused on using VMware Photon 5, I’m going to explore that process with you now. Initial Testing Before applying your STIG, you’ll probably want …
I’m pretty inexperienced when it comes to Fluentd logging, but I have a necessary use case to use it to ingest some log files with a non-standard format. There’s documentation on how parsers work, and there are even examples of how it should automatically happen. But, then there’s also the reality that I discovered that …
There are many common approaches to logging. However, since my home environment is running SecurityOnion (SO), I’m going to focus on three common ones and show how to do an end-to-end configuration with SO. If you’re curious about Filebeat, I’ve already written about it here. Fluentd Fluentd is extremely popular, while providing many options and …