Navigation section
alienvault
About this tag
AlienVault is a security information and event management (SIEM) platform used to log and monitor events from Windows servers. In the WindowsForum.com community, users discuss integrating AlienVault with Windows Event Logs to track security events, such as audit policy changes, and to debug recurring alerts. The platform helps improve security visibility by correlating logs from sources like SentinelOne. AlienVault is also referenced in the context of the NIST Cyber Security Framework for enhancing enterprise security posture. Topics include event ID analysis, alert tuning, and best practices for Windows 2019 server environments.
-
T
I need some assistance finding out what is causing this Event Log Auditing event
I am using Alienvault to log our SIEM Events from our Windows 2019 servers, and I am trying to find out how to debug what is causing this recurring Auditing Event in our Windows Event Logs. I have found out that SentinelOne is scanning this file at the time, but is there a way to see what...- tpancrazio
- Thread
- alienvault audit policy change auditing events computer name debugging detection change event log event tracking log management recurring events security security audits sentinelone siem windows security windows server 2019
- Replies: 1
- Forum: Windows Server Forums
-
CISO Perspective: How using the NIST Cyber Security Framework improves security visibility
Sponsored by: AlienVault Link Removed- News
- Thread
- alienvault ciso cybersecurity framework nist security visibility
- Replies: 1
- Forum: Live RSS Feeds