all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

How to: Parsing AuditD Syslog in Microsoft Sentinel with a function and combining the events by EventID

Add to bookmarks
May 5, 2024, 5:02 p.m. | /u/thattechkitten

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

New Article on how to parse AuditD events in Microsoft Sentinel for threat hunting and threat detection.
https://medium.com/@truvis.thornton/how-to-parsing-auditd-syslog-in-microsoft-sentinel-with-a-function-and-combining-the-events-by-eve-a65f418cfef1

article auditd blueteamsec detection events function hunting microsoft microsoft sentinel parsing sentinel syslog threat threat detection threat hunting

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

Empowering enterprise security at scale with new product innovations: YubiKey 5.7 and Yubico Authenticator 7 21 hours ago | www.reddit.com
authenticator blueteamsec enterprise enterprise security +6
How To: Use UFW(Uncomplicated Firewall) and Send the logs to Sentinel and Parse with a … 1 day ago | www.reddit.com
blueteamsec check connections easy +8
Discover Proton Mail registration date with one weird trick… 1 day, 20 hours ago | www.reddit.com
blueteamsec date discover mail +5
NATO Deputy Secretary General: we must be big on cyber defence ambitions 1 day, 22 hours ago | www.reddit.com
big blueteamsec cyber cyber defence +4
YARA is dead, long live YARA-X 1 day, 23 hours ago | www.reddit.com
blueteamsec dead live yara
BSI is suing Microsoft to release information about security disasters 2 days, 3 hours ago | www.reddit.com
blueteamsec bsi disasters information +3
The 471 Cyber Threat Report 2024 2 days, 11 hours ago | www.reddit.com
blueteamsec cyber cyber threat cyber threat report +3
Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets 3 days ago | www.reddit.com
azure blueteamsec employee expose +6
Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID 3 days, 1 hour ago | www.reddit.com
blueteamsec cleaning icedid latrodectus +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity Architect, Infrastructure & Technical Security

@ KCB Group | Kenya
View on infosec-jobs.com

Security Analyst SOC (m/w/d)

@ Deutsche Telekom | Bonn, Deutschland
View on infosec-jobs.com