Auditing access to removable storage devices

The use of removable storage devices is usually not allowed in organizations; at the very least, users should not be able to connect USB flash drives or removable hard drives. In exceptional cases, however, they are needed, and for this purpose a GPO is usually defined with a whitelist of allowed USB devices and applied to the users/computers that need them. But how are they used?

Logon auditing of Active Directory users with Elasticsearch and Grafana

A very common request we receive is the ability to see the logons and other interesting information that a user can generate. In this post we will see how to visualize data such as when they logged in, when they logged off, failed login attempts, when a computer was locked or unlocked, or when the screensaver was activated or deactivated…

Redirecting Event Viewer events from Windows computers to Elasticsearch with Winlogbeat and viewing with Grafana

Now that we have set up our platform with Elasticsearch, Logstash and Kibana, in this first post we are going to analyze the Event Viewer events of our Windows computers using Winlogbeat! We'll install the small agent and send the events we choose to Logstash to be processed and stored in Elasticsearch, and then we will visualize them with Grafana!