How To: Use UFW(Uncomplicated Firewall) and Send the logs to Sentinel and Parse with a function for easy querying/viewing | allinfosecnews.com

May 18, 2024, 3:53 p.m. | /u/thattechkitten

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

Want to use your Firewall logs in Sentinel to check for connections and network activity? This guide will explain it all.

[https://medium.com/@truvis.thornton/how-to-use-ufw-uncomplicated-firewall-and-send-the-syslogs-to-sentinel-and-parse-the-events-for-48dccb8adc13](https://medium.com/@truvis.thornton/how-to-use-ufw-uncomplicated-firewall-and-send-the-syslogs-to-sentinel-and-parse-the-events-for-48dccb8adc13)

Not sure how to get logs into Sentinel? Check this:

[https://medium.com/@truvis.thornton/how-to-install-and-setup-azure-arc-ama-azure-monitor-agent-and-dcr-data-collection-rules-for-47381ee9d312](https://medium.com/@truvis.thornton/how-to-install-and-setup-azure-arc-ama-azure-monitor-agent-and-dcr-data-collection-rules-for-47381ee9d312)

blueteamsec check connections easy firewall function guide logs network network activity send sentinel

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

CVE-2024-24919 Check Point 0-Day Remote Access VPN - or - aCSHELL/../../../../../../../ homepage/admin/.ssh/id_rsa * ssh admin@Host … 20 hours ago | www.reddit.com

Australian court rules on appeal that Cyber Incident Response documents ARE NOT protected from legal … 23 hours ago | www.reddit.com

australian blueteamsec claim court +17

Snowflake Community: Detecting and Preventing Unauthorized User Access: Instructions 1 day, 14 hours ago | www.reddit.com

access blueteamsec community instructions +2

Linux rootkits explained – Part 1: Dynamic linker hijacking, Part 2: Loadable kernel modules 1 day, 14 hours ago | www.reddit.com

blueteamsec dynamic explained hijacking +5

NSA Releases Guidance on the Visibility and Analytics Pillar of Zero Trust 1 day, 15 hours ago | www.reddit.com

analytics blueteamsec guidance nsa +4

Exiled, then spied on: Civil society in Latvia, Lithuania, and Poland targeted with Pegasus spyware 2 days, 3 hours ago | www.reddit.com

blueteamsec civil civil society latvia +6

How malware authors play with the LNK file format 2 days, 14 hours ago | www.reddit.com

authors blueteamsec file lnk +3

The Pumpkin Eclipse 2 days, 17 hours ago | www.reddit.com

blueteamsec eclipse pumpkin

The Best Way to Start with AWS Security Hub 2 days, 17 hours ago | www.reddit.com

aws aws security hub blueteamsec hub +3

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com