Set / Change SGBox Timezone This article explain how to configure the SGBox Timezone. By default the SGBox timezone is set to Europe/Rome. Following the steps, if you need to change it. Connect via ssh (using a program like Putty) to the SGBox specifying the user cli. If you haven’t changed them through the wizard, […]
Triggering a Playbook from a Pattern analysis Dashboard Create a playbook with a trigger node as start node Edit the trigger to set, in the Test parameters section, the same name of the parameter of the event you want to use in the dashboard to trigger the playbook. In the following nodes of the flow, […]
PB Samples Package The package provides a set of sample playbooks to test and practice with PB module and the various nodes available. API Request Playbook Test API Request: This playbook shows how to use Generic API Request node. The first node makes a request to an API. The second reads a value from the […]
Triggering a Playbook from a Event Query Any playbook can be launched as a reaction to a scheduled Event Query, when the query founds any result. Simply add the Run playbook action to the query, then select a playbook or choose to create one from scratch. You will be redirect to the playbook configuration page. […]
Enable Audit login to enable the global logging feature you must execute this command as query inside database: SET GLOBAL general_log = ‘on’ Enable Advanced Audit Inside the DB you must execute these commands as query inside database in order to enable the full audit feature: INSTALL SONAME ‘server_audit’; SET GLOBAL server_audit_logging=ON; SET GLOBAL server_audit_events […]
Syslog configuration on Synology This article explain how to configure your Synology to send logs to SGBox.The Log Center application is need. If you don’t have it, you need to download from download center. From menu select Log Center Select Log Sending > Location and specify the SGBox ip address. Then click on Apply From SGBox WebUI downlaod Synology Package: SCM > Application […]
Create customer access You can give the end user access to his own tenant. In order to do that: log in as SGBoxmanager or SGBox admin, from SCM > Multi tenant > Manager select TENANTS. The list of the managed tenants appears, choose the tenant and click on RESET in the “admin password” column. Now […]
Create new tenant admin An SGBox admin can monitor more than one tenant at time, usually is used by resellers or SOC analysts to monitor their customers. You cannot make configuration changes from here, just create aggregated dashboard or views on managed tenants.To create a new SGBox admin login as SGBox manager on “sgbox” tenant. […]
Create new Tenant As SGBox manager login with the credential configured during the wizard and specify “sgbox” as tenant. From SCM > Multi tenant > Manager select in the top right LICENSE STATUS. A new tenant should be available. If no tenants are availables you must ask for a new license to the sales team […]
Collector TCPDump There are some tools you can use via CLI in order to check if there are some problems to receive or visualize data. Connect via ssh (using a program like Putty) to the collector specifying the user sgbox. If you haven’t changed them through the wizard, the default credentials are: user: sgbox pass: […]