Category: Uncategorized

How To Install ELK SIEM For Beginners – Complete Guide

Howard Mukanda Uncategorized January 2, 2020

In 2019, Elastic, the company that brought us the ELK (Elastic, Logstash and Kibana) stack released an ELK based SIEM (Security information and event management System). A SIEM is critical to the operation of a Security Operation Center. I made a video on my youtube channel that can show you some of the information that you
Read More »

How to Parse Snort IDS Logs in Graylog

Howard Mukanda Uncategorized August 17, 2019

Here is the rule that i used in the video: rule “Extract Snort alert fields” when has_field(“message”) then let m = regex(“\(\d+):(\d+):(\d+)\ \[Classification: (.+?)\] \[Priority: (\d+)]: \<(.+?)\> \{(.+?)\} (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:(\d{1,5}))? -> (\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})(:(\d{1,5}))?\R?”, to_string($message.message)); set_field(“snort_alert”, true); set_field(“generator_id”, m[“0”]); set_field(“signature_id”, m[“1”]); set_field(“signature_revision_id”, m[“2”]); set_field(“description”, m[“3”]); set_field(“classification”, m[“4”]); set_field(“priority”, to_long(m[“5”])); set_field(“protocol”, m[“7”]); set_field(“src_addr”, m[“8”]); set_field(“src_port”, to_long(m[“10”])); set_field(“dst_addr”, m[“11”]); set_field(“dst_port”,
Read More »

How to graph IDRAC temperature, power usage and fan speed measurements in Grafana

Howard Mukanda Uncategorized December 15, 2018

In this tutorial I will show you how to get your Idrac sensor metrics into Grafana in no time. It’s a simple and straight forward process that took me an hour, mostly because I had to research it. It should take you no later than 20 minutes. The metrics that I will be sending to
Read More »

What is the best switch for a CCNA/CCNP R&S Lab?

Howard Mukanda Uncategorized October 18, 2018

In this video i show you the switch that i used for my CCNP R&S and why i think it is the best for your money.

Get Desktop Attached Monitor Information – PowerShell Script

Howard Mukanda Uncategorized November 14, 2017

Why we need this script Sysadmins admins need to keep track of their hardware inventory. Most software deployment systems such as SCCM and PDQ Deploy keep track of the computer info and can generate nice reports. What about the monitors? What if you need to know the monitor model, size and even serial number? There
Read More »

I got the CCNA Cyber Ops Scholarship

Howard Mukanda Uncategorized December 28, 2016

What is it? A few months ago, I applied for the new CCNA Cyber Ops scholarship. Cisco plans to offer scholarships to a new breed of cyber security professionals to cover the shortage of security pros. The application process was easy, it took me less than 5 minutes and I already had my application
Read More »

Why an IT pro Needs a Homelab

Howard Mukanda Uncategorized October 24, 2016

With the recent hikes in cyber attacks and rampant ransom-ware infections, it is more critical than ever for IT pros to be educated about cyber security and keep their skills up to date with current trends. One way to keep up with the latest security trends and sharpen security skills is to fire up a
Read More »