The Safed agent for AIX version 7.1 now supports TLS 1.3 based on WolfSSL 3.15.7. The Safed agent 1.10.1 for UX is available on our github repository. Follow the steps described in the README file to compile and install both wolfssl 3.15.7 and safed 1.10.1 After that is will be possible to configure the secure…
Read MoreCreating hosts in NetEye’s Director module can sometimes be time-consuming and a repetitious, tiring and boring job. Especially if you have to populate Director with a large number of hosts for setting up a test environment, for example. One solution is to create a script consisting of nothing but icingacli commands. Each command line instruction…
Read MoreThe Safed agent keeps track of the events it receives from the Eventlog by keeping the LastEventID in registry. At start time the agent tries to retrieve all events from Windows Eventlog since starting from the LastEventID. When the amount of events since LastEventID is too large or the LastEventID has been removed from the…
Read More– Retrieved events from eventlog (win 2008 +) starts from bookmark but should not be older than defined cache days
Read MoreThe Safed agent can be configured via https and send its collected logs to the log collector though a TLS connection. The latest released version – 1.9.1 – supports TLS 1.2 (at a minimum) and TLS 1.3. The first step is to upload the private key, the local certificate and the CA certificate to the…
Read MoreAufgrund der aktuellen gesetzlichen Richtlinien, aber auch aus ganz einfachen Security-Überlegungen (siehe dazu auch unseren Artikel “Was tun mit den ganzen Logs“), ist es notwendig die Login/Logoff Aktivitäten des Admins mitzuloggen. Der Safed Agent für Windows kann ganz einfach so konfiguriert werden, dass alle Login/Logoff-Versuche des Admins aufgezeichnet werden. Der Agent verfügt über ein „System…
Read MoreSometimes it is required to trace login/logoff activities of the administrator in order to be compliant with legal guidelines or simply for security reasons (see also our article “What to do with all those logs“). The Safed agent for Windows can be easily configured to collect administrator’s login/logoff. The agent is deployed with some administrator discovery commands,…
Read MorePer poter adempiere alle richieste del Garante della Privacy, ma anche per motivi di sicurezza (vedi anche il nostro articolo “Archiviazione dei log e poi?“), è necessario registrare tutte le attività di login/logoff degli amministratori di sistema. L’agente Safed per Windows può essere configurato in modo da raccogliere tutti i tentativi di login e logoff…
Read MoreThe new 1.8.0 version of Safed enables the collection of log events from Applications and Services Logs (custom EventLogs). An example of custom log collection configuration is shown in the following screenshot. In the custom dropdown list the registered Applications and Services Logs are shown. The same list can be seen using the Windows Event…
Read MoreTalvolta, specialmente per questioni di sicurezza è importante sapere, se le porte USB di un server siano state usate, e se sì, quali attività sono state effettuate. Con la nuova versione dell’agente Safed 1.7.0 possiamo monitorare le porte USB per Windows Vista 2008 e versioni superiori. L’agente può ricevere notifiche di eventi WMI che riguardano…
Read MoreOft ist es wichtig zu wissen ob die USB-Ports eines Servers benutzt wurden und falls ja, welche Operationen durchgeführt wurden. Mit der neuen Version des Safed Agent 1.7.0 ist es möglich USB-Ports für Windows Vista 2008 und höhere Versionen, zu überwachen. Der Agent kann WMI-Event-Notifikationen, welche die Zielinstanz „Win32_PnPEntity“ betreffen, empfangen. Die Events der Klassen…
Read MoreSometimes, especially for security reasons, it is important to know if the USB ports of a server have been used and what kind of operation has been carried out. Well, with the new version 1.7.0 of the Safed agent it is possible to monitor the USB ports for Windows Vista 2008 and later versions. Now…
Read More