SIEmonster Traffic Flow Syslogs V2

Photo posted by chris on Oct 13, 2016

On a network appliance, printer, or SCADA device that does not have an agent, point the host's syslog configuration to Proteus. Proteus runs Syslog-ng, which captures all syslog messages and inserts them into the Logstash stream procedure. The data is then queried by Capricorn for alerting and analysis, and relevant data is fed back into Kraken/Tiamat for long-term storage.
