Profiles and Vendors (logs auto recognition) With version 5.1.0 a new concept has been introduced: logs auto recognition and categorization. SGBox already recognizes many different log sources, and up to v5.0.7 users needed to associate the collected logs with the desired patterns to extract events. Pre-defined classes are now associated with known vendors, and by […]
SGBox Event Text Lookup search (ETL) The ETL function allows users to search for a specific parameter in the event history. Using this functionality you can search past events for any occurrence of the parameter you select. In this way it is possible, for example, to check if the source IP address of a […]
SGBox Log Management and Retention This section explains how SGBox manages logs and the difference between online logs, encrypted logs and events. Requirements: From the beginning: SGBox receives log data from different inputs / data sources and by using different protocols. Online Logs: The raw data from each data source is associated with a unique tag and […]
Extend the entire disk size This article explains how to expand the capacity of SGBox’s disk. With version 5 it is possible to extend the full disk, not only the data partition. In order to extend the disk: Requirements: SGBox version 5 is required. You need to extend the SGBox disk from your hypervisor. ⚠️ It may be […]
Download and Configure MySQL App This article explains how to configure the MySQL App in order to retrieve logs from a specific database table. Before starting, here you can see how our database is configured: Requirements: SGBox version 4.2.5 Go to the application list: from SGBox go to SCM > Applications Select Vendors Integrations and download […]
Download and Configure Microsoft SQL App This article explains how to configure the MSSQL App in order to retrieve logs from a specific database table. Before starting, here you can find how our database is configured by logging in with SQL Authentication: You can see: In red: the database configuration In black: the query results Requirements: […]
Configure Syslog on XenServer On Xen systems it is not necessary to install a specific agent to send logs to SGBox. The syslog protocol will be used. Edit the “xenserver.conf” file: vi /etc/rsyslog.d/xenserver.conf Add the following row in order to send only authentication logs. It is possible to use the IP or the hostname of SGBox: auth,authpriv.* @SGBox-IP Alternatively, […]
How to configure Palo Alto to send logs to SGBox Please follow the official guide, for your specific Palo Alto version, on how to send CEF formatted logs to SGBox through the syslog protocol: Configuration guides WARNING!!! Please be careful not to cut and paste log templates directly from the PDF, or the web page, […]
Download updated feed from internet This article explains how to configure open source feeds to use as lists in SGBox. Requirements: SGBox version 4.2.5 Feed Application must be scheduled. See this section to discover how to schedule an application. From SGBox go to SCM > Actions > Lists Select Feeds in the top right corner. Select […]
How to configure Syslog on MikroTik Log in to MikroTik using the web interface. Click on System > Logging, then switch to the Action tab. Select Remote and specify the SGBox IP and port 514. Go back to the Rules tab and specify which type of log you want to send to SGBox.