All public logs

Combined display of all available logs of Wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

• 15:14, 19 March 2025 Ebasso talk contribs created page IBM QRadar: AQL Queries (Created page with "The query below calculates the total uncompressed payload size stored on disk for each log source type in the last hour. SELECT LOGSOURCETYPENAME(deviceType) AS LogSource, MIN(STRLEN(UTF8(payload))) AS Minimum, MAX(STRLEN(UTF8(payload))) AS Maximum, AVG(STRLEN(UTF8(payload))) AS AverageSize, STDEV(STRLEN(UTF8(payload))) AS STD, COUNT(logsourceid) AS EventCount, LONG(EventCount * AverageSize) / (1024 * 1024) as TotalSizeUncompressedMB FROM events GROUP B...")
• 14:54, 19 March 2025 Ebasso talk contribs created page IBM Sterling Connect:Direct: Trocando a chave TLS do C:D (Created page with "= Trocando a chave SSL do Connect:Direct = Vamos criar uma chave 2024/2025 como exemplo: keytool -genkeypair -alias cdnode01_24_25 -keyalg RSA -keysize 2048 -validity 10 -keystore cdkeystore.p12 -storetype PKCS12 \ -sigalg SHA384withRSA -dname "CN=cdnode01.ebasso.net, O=EbassoNet, ST=Goias, C=BR" Enter keystore password: Re-enter new password: Generating 2,048 bit RSA key pair and self-signed certificate (SHA384withRSA) with a validity of 10 days for: CN=cdn...")
• 21:28, 31 January 2025 Ebasso talk contribs created page IBM QRadar: Recreate a set of daily backup files containing only data from the past month (Created page with " == Problem == User wants to recreate a set of daily backup files containing only data from the past month. The backup tool does not seem to offer this option directly, and the user considered manually compressing files in the Ariel directory. However, this approach proved to be slow. == Solution == It was suggested to use the script /opt/qradar/support/manual_data_backup.sh to perform the backup more efficiently. '''Another point''': The user tested the script i...")
• 18:54, 31 January 2025 Ebasso talk contribs moved page IBM QRadar: Configuração pra Envio de Email to IBM QRadar: Envio de Email without leaving a redirect
• 18:53, 31 January 2025 Ebasso talk contribs created page IBM QRadar: Ofensas (Created page with " * [https://www.ibm.com/docs/en/qsip/7.5?topic=siem-offense-management Gerenciamento de Ofensas] * [https://community.ibm.com/community/user/security/blogs/ashish-kothekar/2021/07/07/how-qradar-offense-renaming-works How QRadar Offense Renaming works] = Ver também = * Artigos sobre IBM QRadar * Mais Artigos sobre Cloud / WebDev / Tecnologias Category:IBM QRadar")
• 18:50, 31 January 2025 Ebasso talk contribs created page IBM QRadar: Ariel Query Language (AQL) (Created page with "= Ariel Query Language (AQL) = * [https://www.ibm.com/docs/en/qradar-on-cloud?topic=aql-query-structure AQL Query structure] : Use Ariel Query Language (AQL) to extract, filter, and perform actions on event and flow data * [https://www.ibm.com/docs/en/qradar-on-cloud?topic=aql-ariel-query-language Ariel Query Language] : Funções para transformação, agregação da AQL = Ver também = * Artigos sobre IBM QRadar * Tecnologias| Mais Artigos sobre...")
• 10:28, 23 January 2025 Ebasso talk contribs moved page IBM QRadar : Principais Comandos e Arquivos to IBM QRadar: Principais Comandos e Arquivos without leaving a redirect
• 10:27, 23 January 2025 Ebasso talk contribs created page IBM QRadar: Backup de configurações e dados do QRadar (Created page with "* [https://www.ibm.com/docs/en/SS42VS_7.5/com.ibm.qradar.doc/t_qradar_adm_conf_shed_nt_bkup.html Configurando a execução dos Backups] * [https://www.ibm.com/docs/en/SS42VS_7.5/com.ibm.qradar.doc/t_qradar_adm_creat_on_dmd_conf_bkup_arch.html Creating an on-demand configuration backup archive] * [https://www.ibm.com/docs/en/SS42VS_7.5/com.ibm.qradar.doc/t_qradar_adm_backup_fail_email.html Configurando emails de notificação em caso de falha no Backup] = Ver também =...")
• 10:19, 23 January 2025 Ebasso talk contribs created page IBM QRadar: Configuração pra Envio de Email (Created page with "Procedimento para configurar o IBM QRadar pra Envio de Emails = Procedimento = ==Configurar o Email Server Management== No Console, vá em '''Admin > Email Server Management''' Clique nos (três pontos) para editar a configuração default. Preencha os campos obrigatórios: * '''Hostname''': Nome do servidor SMTP. * '''Port''': Porta utilizada pelo SMTP (default 25) * '''Description''': Descrição da conexão. * '''Username''': usuário para conexão. * '''Passwor...")
• 10:09, 23 January 2025 Ebasso talk contribs created page IBM QRadar: Importação em Redes em Lote via REST API (Created page with "'''<big>Importante: Ao adicionar novas redes é necessário fazer o backup da configuração atual, pois ao executar a REST API, ela vai SUBSTITUIR a configuração atual.</big>''' =Procedimento= ==Criar uma Chave de Acesso== No Console, vá em '''Admin > Authorized Services''' Clique em '''Add'''. Preencha os campos obrigatórios: '''Authorized Service Label''': identificação. '''Tenant''': Informe N/A '''Security Profile''': Informe Admin. '''User Role''': I...")
• 18:46, 19 January 2025 Ebasso talk contribs created page IBM QRadar: Rules (Created page with "Uma Rule (regra) é um grupo de testes que podem desencadear uma ação se condições específicas forem atendidas. = Artigos = * [https://community.ibm.com/community/user/security/blogs/gladys-koskas1/2022/09/29/everything-you-need-to-know-about-qradar-rules Everything you need to know about QRadar Rules (for beginners and experts)] * [https://github.com/SigmaHQ/sigma (Github) Sigma - Generic Signature Format for SIEM Systems] = Exemplos = {| class="wikitable" |...")
• 14:45, 19 January 2025 Ebasso talk contribs created page IBM QRadar: Device Support Module (DSM) (Created page with "* [https://github.com/IBM/IBM-QRadar-Universal-Cloud-REST-API/tree/master/Community%20Developed DSM GitHub Community Developed] = Ver também = * Artigos sobre IBM QRadar * Artigos sobre Cloud * Mais Artigos sobre Cloud / WebDev / Tecnologias Category:IBM QRadar")
• 14:11, 14 January 2025 Ebasso talk contribs created page IBM QRadar: Use Case Manager app (Created page with " * [https://www.ibm.com/docs/en/qradar-common?topic=apps-qradar-use-case-manager-app QRadar Use Case Manager app] == Rules== * when the event matches '''this''' AQL filter query : cria Rule que é disparado através do resultado de um query AQL = Ver também = * Artigos sobre Cloud * Mais Artigos sobre Cloud / WebDev / Tecnologias Category:IBM QRadar")
• 10:13, 13 January 2025 Ebasso talk contribs created page IBM QRadar : Principais Comandos e Arquivos (Created page with "= Principais arquivos = A instalação padrão fica no diretório: /opt/qradar/ |- bin/ | |- qchange_netsetup -> Realiza a troca de IP, DNS, ... | |- msgfile.cfg | |- <NODE_NAME> | | | |- [https://..... initparm.cfg] -> variáveis de inicialização | | | |- netmap.cfg -> = Ver também = * Artigos sobre IBM QRadar * Mais Artigos sobre Cloud / WebDev / Tecnologias Category:IBM QRadar")
• 02:02, 10 January 2025 Ebasso talk contribs created page IBM QRadar (Created page with " == Referencias == * [https://www.ibm.com/docs/pt-br/qsip/7.5?topic=deployment-qradar-architecture-overview Visão geral da arquitetura do QRadar] :: Ao planejar ou criar sua implementação do IBM QRadar , é útil ter um bom conhecimento da arquitetura do QRadar para avaliar como os componentes do QRadar podem funcionar em sua rede e, em seguida, planejar e criar sua implementação do QRadar . * [https://www.ibm.com/docs/en/dsm?topic=configuration-qradar-supported-d...")
• 16:52, 19 December 2024 Ebasso talk contribs created page IBM Sterling Connect:Direct : Submit a file using a command line in C:D MS-Windows (Created page with " = Create cdfdef.bin = Follow instructions here https://www.ibm.com/support/pages/connectdirect-windows-how-do-i-create-cddefbin-file-lcubat = Create a sample01.cdp file = <nowiki> submit sample01 PROCESS SNODE=NODE1 step01 COPY FROM ( FILE=/tmp/file1.txt PNODE ) TO ( FILE=/tmp/file1.delete SNODE DISP=rpl ) PEND; quit; </nowiki> = Run command Direct.exe = cd "D:\IBM\ConnectDirect\Common Tools" direct.exe -f cddef.bin < sample01.cdf...")
• 18:31, 3 December 2024 Ebasso talk contribs created page AIX: Filtering content in AIX Audit (Created page with "You can apply filter rules in file: * /etc/security/audit/bincmds * /etc/security/audit/streamcmds = Using auditselect = Add to bincmds or streamcmds: /usr/sbin/auditstream | /usr/sbin/auditselect -m -e "command != logger && command != auditstream" | auditpr -t0 -h eclrRpPd -w = Using auditselect rules in file = Add to bincmds or streamcmds: /usr/sbin/auditstream | /usr/sbin/auditselect -m -f /etc/security/audit/audit_select | auditpr -t0 -h eclrRpPd -w Crea...")
• 18:12, 3 December 2024 Ebasso talk contribs moved page AIX: Configurando o Audit in BIN Mode to AIX: Configure AIX Audit in BIN Mode without leaving a redirect
• 18:11, 3 December 2024 Ebasso talk contribs moved page AIX: Configurando o Audit in Stream Mode to AIX: Configure AIX Audit in Stream Mode without leaving a redirect
• 18:05, 3 December 2024 Ebasso talk contribs created page AIX: Configurando o Audit in BIN Mode (Created page with " = Configure Audit = == Step 1: Create a Backup of the Files == To ensure safety, create backups of the audit configuration files: cd /etc/security/audit cp config config_original cp streamcmds streamcmds_original == Modify the File /etc/security/audit/config == start: ignorenonexistentity = no binmode = on streammode = off fullpath = on ... custom_audit =FILE_Open,FILE_Read,FILE_Write,FILE_Rename,...,PROC_Execute,USER_Shel...")
• 17:58, 3 December 2024 Ebasso talk contribs moved page AIX: Configurando o Audit for Streams to AIX: Configurando o Audit in Stream Mode without leaving a redirect
• 17:57, 3 December 2024 Ebasso talk contribs created page AIX: Configurando o Audit for Streams (Created page with " = Configure Audit = == Step 1: Create a Backup of the Files == To ensure safety, create backups of the audit configuration files: cd /etc/security/audit cp config config_original cp streamcmds streamcmds_original == Modify the File /etc/security/audit/config == start: ignorenonexistentity = no binmode = off streammode = on fullpath = on ... custom_audit =FILE_Open,FILE_Read,FILE_Write,FILE_Rename,...,PROC_Execute,USER_Shel...")
• 17:37, 3 December 2024 Ebasso talk contribs created page IBM Sterling B2B: Create a BP to get a file in IBM Cloud Object Storage (S3 storage) (Created page with " <process name="Demo_MinioS3ClientGet"> <sequence> <operation name="AWSS3 Get Service"> <participant name='AWSS3Client'/> <output message='xout'> <assign to='action'>get</assign> <assign to="awss3.endpoint">'''<nowiki>s3.us-south.cloud-object-storage.appdomain.cloud</nowiki>'''</assign> <assign to="awss3.bucketname">'''sfg-cos-teste-ebasso'''</assign> <assign to="awss3.filename">'''arquivo_teste.txt'''</assign> <a...")
• 22:09, 15 November 2024 Ebasso talk contribs created page File:Seas-ldap-query-definition-04.png
• 22:09, 15 November 2024 Ebasso talk contribs uploaded File:Seas-ldap-query-definition-04.png
• 22:07, 15 November 2024 Ebasso talk contribs created page File:Seas-ldap-query-definiton-03.png
• 22:07, 15 November 2024 Ebasso talk contribs uploaded File:Seas-ldap-query-definiton-03.png
• 22:04, 15 November 2024 Ebasso talk contribs deleted page File:Seas-ldap-query-definition.png (Deleted old revision 20241115220413!Seas-ldap-query-definition.png)
• 22:04, 15 November 2024 Ebasso talk contribs uploaded a new version of File:Seas-ldap-query-definition.png
• 22:03, 15 November 2024 Ebasso talk contribs created page File:Seas-ldap-query-definition.png
• 22:03, 15 November 2024 Ebasso talk contribs uploaded File:Seas-ldap-query-definition.png
• 22:01, 15 November 2024 Ebasso talk contribs uploaded a new version of File:Seas-add-con-01.png
• 21:58, 15 November 2024 Ebasso talk contribs created page File:Seas-add-con-01.png
• 21:58, 15 November 2024 Ebasso talk contribs uploaded File:Seas-add-con-01.png
• 12:06, 13 November 2024 Ebasso talk contribs created page IBM Sterling External Authentication Server (SEAS): Configuration to Microsoft Active Directory (Created page with "We need to create an authentication profile in SEAS. '''Important: The profile name given must be used in the configuration of other products.''' = Procedure = == Accessing the administration console == Open a browser and go to the URL: https://<seas_server_ip>:9080 = Configuring the System-Wide LDAP Connection Definition = We will create a global LDAP connection. 1) Click on the menu '''Manage > System Setting''' and select the '''Connection Definitions''' tab....")
• 11:57, 13 November 2024 Ebasso talk contribs created page IBM Sterling Control Center: Monitoração do IBM Sterling External Authentication Server (Created page with "Para configurarmos o Control Center Monitor para monitorar um servidor SEAS, são necessários 2 passos: # Configurar um webservice no B2Bi para ser usado pelo Control Center. # Adicionar o servidor B2B no Control Center =Procedimento= == Acessando o console de administração== Através do Browser, acessar a url http://<ip_servidor_seas>:9080 == Configurando o Health == 3) Vá no menu '''System Settings''' 4) Vá na aba '''Health Check Monitoring''' e defina os...")
• 11:55, 13 November 2024 Ebasso talk contribs moved page IBM Sterling Control Center: Monitoração do IBM Sterling External Authentication Server to IBM Sterling Control Center: Monitoração do IBM Sterling External Authentication Server V6.0 without leaving a redirect
• 14:17, 12 November 2024 Ebasso talk contribs uploaded a new version of File:Seas-monitoring-001.png
• 14:15, 12 November 2024 Ebasso talk contribs created page File:Seas-monitoring-001.png
• 14:15, 12 November 2024 Ebasso talk contribs uploaded File:Seas-monitoring-001.png
• 14:03, 12 November 2024 Ebasso talk contribs created page IBM Sterling External Authentication Server (SEAS): Configuração para OpenLDAP (Created page with "Devemos criar um perfil de autenticação no SEAS. '''Importante: O nome dado ao profile deverá ser usando na configuração dos demais produtos.''' = Procedure = == Acessando o console de administração== Através do Browser, acessar a url http://<ip_servidor_seas>:9080 = Configurando a System-Wide LDAP Connection Definition= Vamos criar uma conexão LDAP global 1) Clique no menu '''Manage > System Setting''' e clique na tab '''Connection Definitions'''. 2)...")
• 14:00, 12 November 2024 Ebasso talk contribs created page IBM Sterling External Authentication Server (SEAS): Configuração para MS Active Directory (Created page with "Devemos criar um perfil de autenticação no SEAS. '''Importante: O nome dado ao profile deverá ser usando na configuração dos demais produtos.''' = Procedure = == Acessando o console de administração== Abra um navegador e acesse a url: https://<ip_servidor_seas>:9080 = Configurando a System-Wide LDAP Connection Definition= Vamos criar uma conexão LDAP global 1) Clique no menu '''Manage > System Setting''' e clique na tab '''Connection Definitions'''. 2)...")
• 13:50, 12 November 2024 Ebasso talk contribs moved page IBM Sterling External Authentication Server (SEAS): Configuração para MS Active Directory to IBM Sterling External Authentication Server (SEAS V6.0): Configuração para MS Active Directory without leaving a redirect
• 13:50, 12 November 2024 Ebasso talk contribs moved page IBM Sterling External Authentication Server (SEAS): Configuração para OpenLDAP to IBM Sterling External Authentication Server (SEAS V6.0): Configuração para OpenLDAP without leaving a redirect
• 18:46, 24 October 2024 Ebasso talk contribs created page Java: MonitoraChar - Corrigindo caracteres estranhos em um banco de dados com java (Created page with " <nowiki> package monitoracaracteres; Abrir o arquivo em um editor Notepad++ para que os caractes estranhos sejam apresentados select count(1) as CONT from WIKIS.MEDIA where LABEL like '%�%'" update WIKIS.MEDIA SET TITLE=REPLACE(TITLE,' ','') where TITLE like '% %: import java.sql.Connection; import java.sql.DriverManager; import java.sql.ResultSet; import java.sql.Statement; * * * @author ebasso: public class MonitoraChar { private static Str...")
• 20:19, 17 October 2024 Ebasso talk contribs created page IBM Sterling Secure Proxy: Anti-Virus scanning over HTTP protocol with ICAP and Clamav (Created page with "<big>Document in Draft!!!</big> The integration of '''IBM Secure Proxy''' with '''c-icap''' and '''ClamAV''' enables a robust content security solution that scans files for viruses, malware, and other threats in real-time. This setup combines the secure routing and traffic management capabilities of IBM Secure Proxy with the content adaptation and antivirus scanning features of c-icap and ClamAV. First following this procedures: * Installing and Configuring ICAP...")
• 19:22, 1 October 2024 Ebasso talk contribs moved page IBM Sterling Secure Proxy: Enabling ICAP Anti-Virus scanning over Connect:Direct protocol to IBM Sterling Secure Proxy: Anti-Virus scanning over Connect:Direct protocol with ICAP and Clamav without leaving a redirect
• 19:01, 1 October 2024 Ebasso talk contribs uploaded a new version of File:Cd-adapter-01-03.png
• 19:01, 1 October 2024 Ebasso talk contribs uploaded a new version of File:Cd-adapter-01-02.png
• 19:01, 1 October 2024 Ebasso talk contribs uploaded a new version of File:Cd-adapter-01-01.png