Splunk. The search tool is great, but has a bit of a learning curve to get it set up right. Watch some vids and you’ll be fine.
I only point a few devices at it and have been able to slide by with the free version for a while now.
You’ll probably want to do it by DNS name.
Yes, but also piracy@lemmy.dbzer0.com has a tonnnnn of activity
Yeah, I’ve sent one to like, limestone network maybe? Or some other similar host. They responded within a few hours and the scans stopped from their IPs for a long time. Just provide logs of whatever you see. The NOC will be able to confirm or deny pretty quickly and take appropriate action.
If UniFi supports syslog, then yes (I think it does, but I don’t have it set up personally).