| | lme | checkmk |
|---|---|---|
| | 11 | 83 |
| Stars | 684 | 1,324 |
| Growth | - | 2.5% |
| Activity | 3.4 | 10.0 |
| | about 1 year ago | 2 days ago |
| Language | Shell | Python |
| License | Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
lme
- SysMon
  This may help https://github.com/ukncsc/lme/blob/master/docs/chapter2.md
- Syslog Analytics for cyberSecurity
- 500+ windows server logging
  But if you're still committed: there are too many variables to calculate it with any amount of certainty but you can measure it. Start off by setting up event forwarding on a small batch of test servers with only security audit logs included in the default configuration. Let it run for a few days and measure the usage and extrapolate from there. How to do most of it, you're going to find from MS documentation, but NCSC has a nice summary of it here: https://github.com/ukncsc/lme
- Active Directory monitoring
- What are the Implications of an automation tool, using PsExec to execute commands (of any kind) on client machines, from a domain controller?
  Much appreciated. I'm a sole IT guy in a small shop so always keen to hear what others have found. I'm looking at: https://github.com/ukncsc/lme and Security Onion...
- Sysmon for SME <50 employees?
- All sysmon event types and their fields explained
- Free EDR solutions
  https://github.com/ukncsc/lme is this
- I want to buy a SIEM, but I don't know which one
  Use something based off of a free version of Elasticsearch, like Logging Made Easy: https://github.com/ukncsc/lme or SIEMMonster or Security Onion.
- Requesting /r/lme - zero posts in 9 years and one inactive mod.
  Would also be repurposing sub to be a resource for Logging Made Easy, a community SIEM project by UKNCSC: https://github.com/ukncsc/lme
checkmk
- Building a Managed Service Provider Business With Open Source
  CheckMK - GitHub
- Monitoring solution
  CheckMK https://checkmk.com. You can spin this up in a docker container
- "All in one monitoring solution"?
  I use CheckMK to do all of this and more, except nutanix. But checkmk also can Monitor nutanix via the "Nutanix Prism" special agent Integration
- Is there an alternative to BI Tools?
  BI machine and NVR report to CheckMK Raw host so it's easy to see historic stats.
- Uptime Monitor
  I’m using https://checkmk.com/ to monitor stuff and it seems to work great. Lots of built in features and functions and if they don’t have what you need you can also create custom scripts to check and report on anything you can dream up. Runs great in docker (I’m using portainer but will run fine in plain old docker).
- Actually useful or unnecessary? SNMP, AD, Monitoring...
  Have a look at CheckMK; the open source version is really good, you can spin it up in a docker container and it is relatively easy to get some initial monitors going. As to whether it's worthwhile, I guess it depends how much you want to know how your servers are doing and when something goes wrong.
- Monitoring Tools
  Checkmk
- Anyway to monitor 20+ server in one single place?
- Is there a dashboard of sorts that can keep track of my linux-based computers and VMs so that I can easily see if any of them have updates or are running low on storage and et cetera?
  checkmk: https://checkmk.com/
- What monitoring system do you use?
  Checkmk. I have used the "raw" (free) version and we now use the enterprise version. Both are very capable.
What are some alternatives?
TheHive - TheHive: a Scalable, Open Source and Free Security Incident Response Platform
LibreNMS - Community-based GPL-licensed network monitoring system
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
uptime-kuma - A fancy self-hosted monitoring tool
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
LibreNMS-docker - LibreNMS Docker image
eiq-er-ce - Community Edition of the EclecticIQ Endpoint Security Platform; An open source and extensible platform to manage and monitor endpoints, based on osquery agent
openITCOCKPIT - openITCOCKPIT is an Open Source system monitoring tool built for different monitoring engines like Nagios, Naemon and Prometheus.
CortexDocs - Documentation of Cortex
postgres - Docker Official Image packaging for Postgres
Grafana - The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
MeshCentral - A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.