Hi,

I tried to enable the tls via default utility on free feature, but wasn't successful. Could you create a simple tutorial for this?

Use this checklist to track logstash wiki and documentation

• Update https://github.com/Cyb3rWard0g/HELK/wiki/Create-Plugins-Offline-Package
• Update HELK overview picture
  • remove alien vault integration
  • update with new indexes #256
• document catch all for windows
• document indexme catch all
• some general guideline on X amount of devices and or X amo

Currently auth02mozdef.py uses the Auth0 /api/v2/logs endpoint to fetch logs.

Auth0 has, since this was developed, released Auth0 LogStreams which uses AWS EventBridge.

Please switch

In the Kubernetes admin course, we mention CoreOS Tectonic, but it may soon be folded into OpenShift. The slides should be updated to clarify (and, while we're there, add a few other options).

This is in file slides/k8s/setup-selfhosted.md.

[Discussion in #446](https://github.com/jpetazzo/container.training/pull/446/files/3f40cc25a2f31e54a02d64e683deee1be9837e86#diff-2ffe1c2ff95f331d6a12f9ea

ES - v6.5.4
Kibana - v6.5.4
Search guard - v6.5.4
sentinl plugin - v6.5.4

Configure sentinl with some test watcher and action , but when i deleted the watcher from kibana GUI , but still alarm get fired at the regular interval , as i already given required permission at search guard , subsequent index get created at elastic search , manually deleted watcher index but it will auto recr

Instead of using the receiver URL for the EU region it would be better to set it up via a region flag. This is easier to manage and less things can go wrong.

Create a simple example of creating instances, installing docker, setting up security groups, LB's, etc. with Terraform, ideally for digital ocean and AWS.

Some examples:
https://github.com/Praqma/terraform-aws-docker
https://github.com/mlabouardy/terraform-aws-labs/tree/master/docker-swarm-cluster

Hi DSIEM people,

Not really an issue per-se, but I'm struggling to understand how you actually implement Intel Feeds for DSIEM.

From what I can gather, you are using Wise for Moloch to collect intel from various sources. But what I'm having trouble understanding is how you grab the normalized event, and then check the data in that event against a piece of intel.

I have read https://githu

It would be good if the README had information on how to run the tests found in the test directory.