Blog Entries

29. 03. 2019 Angelo Rosace Log Auditing, NetEye

Host Creation via Icingacli Commands for Monitoring and Deploying a Safed Agent Configuration

Creating hosts in NetEye’s Director module can sometimes be time-consuming and a repetitious, tiring and boring job. Especially if you have to populate Director with a large number of hosts for setting up a test environment, for example. One solution is to create a script consisting of nothing but icingacli commands. Each command line instruction… Read More

25. 03. 2019 Oreste Attanasio Information Security Operations Center, Log Auditing, Microsoft Management, NetEye

Safed improvements since 1.10.1

The Safed agent keeps track of the events it receives from the Eventlog by keeping the LastEventID in registry. At start time the agent tries to retrieve all events from Windows Eventlog since starting from the LastEventID. When the amount of events since LastEventID is too large or the LastEventID has been removed from the… Read More

07. 02. 2019 MarinovMihail Information Security Operations Center, NetEye, Uncategorized

Secure Connections for the Safed Agent

The Safed agent can be configured via https and send its collected logs to the log collector though a TLS connection. The latest released version – 1.9.1 – supports TLS 1.2 (at a minimum) and TLS 1.3. The first step is to upload the private key, the local certificate and the CA certificate to the… Read More

03. 12. 2015 MarinovMihail Log Auditing, NetEye, Syslog

Trace Windows Administrators Login Activities with Safed

Sometimes it is required to trace login/logoff activities of the administrator in order to be compliant with legal guidelines or simply for security reasons (see also our article “What to do with all those logs“). The Safed agent for Windows can be easily configured to collect administrator’s login/logoff. The agent is deployed with some administrator discovery commands,… Read More

06. 12. 2013 MarinovMihail NetEye, Syslog

Windows process tracking with Safed

As well known, the Safed agent for Windows can collect events from the event log, filters them and forward the matched records to a centralized syslog server. There are some preconfigured set of events concerning basic activities that have to be tracked. The first one, and probably the most famous due to existing law conformity… Read More

26. 10. 2010 Patrick Zambelli Log Auditing, Syslog

Centralized syslog agent configuration for SAFED

Today’s blog article will highlight the latest news from the Syslog Server development area. The focus lays on the integration of the distributed syslog agents into the SyslogView module of the NetEye server. The motivation for this strategic implementation is the acceleration of the installation – only a single MSI executable without user iteration has… Read More

14. 09. 2010 MarinovMihail Log Auditing, Syslog

Download dell’agente Safed

L’agente Safed 1.3.1 per Windows e UX e disponibile per il download nella sezione Safed Area della pagina Downloads

31. 08. 2010 MarinovMihail Log Auditing, Syslog

L’agente Safed 1.3.0 per Windows

Recentemente e’ stata rilasciata la versione 1.3.0 dell’agente Safed per Windows. La novità presente in questa versione e’ l’integrazione del discovery automatico degli amministratori di sistema (AS). L’agente ora e’ in grado di scoprire in automatico gli amministratori locali, di dominio e quelli dell’enterprise. Una volta scoperti gli amministratori, l’agente si riconfigura per filtrare gli… Read More

04. 06. 2010 Marco Sperini Log Auditing, NetEye, Syslog

I nuovi agent safed

Safed e` l’acronimo di Security Auditing ForwardEr Daemon ed e` la nuova suite di agent open source sviluppata a partire dalla base fornita dagli agent SNARE di Intersect Alliance, che viene proposta ed utilizzata da NetEye. Fino a poco tempo fa, nelle installazioni NetEye per l’adeguamento al provvedimento del Garante della Privacy del 24/12/2008 si… Read More

Archive