The service seems promising and may be easy to use. I spent just <5 minutes on registration & saw the following GUI:
Bindplane is like a deployment & centralized configuration tool for managing collectors.
The first result may be:
But there are lots of things to be done for security monitoring purposes, e.g. correlations, alerts, I guess. So we may have a look at its supported destination, GCP Logging later.
Updated at 11:46 PM:
GCP Logging https://cloud.google.com/logging & Logs Explorer are not as good as expected.
https://console.cloud.google.com/logs/query
Query:
logName="projects/quickstart-1602463953025/logs/windows.event"
-jsonPayload.message="The system failed to register host (A or AAAA) resource records (RRs) for network adapter\r\nwith settings:"
-jsonPayload.message="7021 - Connection telemetry fields and analysis usage"