This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Henrik_Noerr1
Advisor
‎2024-01-25 01:42 AM

Hey,

All our firewall logs are sent to an elastic instance with the log exporter. From here we have set up alerts on various logs. So when IOC stops working the firewall logs it, and we sent a webhook from elastic to our ITSM with relevant info.

 

Furthermore we have a query every X minute from a tooling server, that queries an item agreed to be in the feed. The query should be stopped. If it is not, we sent an alert to our ITSM system.

 

/Henrik

(1)
Who rated this post