With those on the attacking end (penetration testers, red teamers) being associated with the red color and those on the defending end (SOC analysts, threat hunters) being associated with the blue color. Within the information security community, colors have been ascribed to the attack/defense spectrum. What is purple teaming? Before diving head first into the tooling, attacks & defenses, we should pause for a moment and outline what purple teaming is and why it's a powerful tool for developing defenses for complex applications and networks. We will provision and configure this lab, send the relevant telemetry to a free Sumo Logic instance and track our testing activities using the awesome Vectr tool. Now, let’s extend this work and outline how to set up a Kubernetes home lab. The Sumo Logic team has previously authored articles on Kubernetes DevSecOps vulnerabilities and best practices as well as Kubernetes logging and monitoring. From a threat detection standpoint, however, it is often difficult for newcomers to this space to gain the relevant hands-on experience without trampling over production environments. Our goal is to eventually publish these dashboards via a real Sumo Logic app, so that it's automatically available to all users. Kubernetes, and containerization in general, has a wealth of benefits for many teams operating cloud-native applications. We'd love to hear what you think, especially if you've got a great idea that we should incorporate back into our original version. Here are the saved searches we've created so far: Once it's available through your account, you're free to customize it, add to it, create alerts based on the searches, or really anything else that you find useful! If you're a Sumo Logic customer and are interested in trying out these dashboards, just let us know via Support Center (be sure to include your Sumo Logic account name) and we will gladly share it with you.
The Sumo Logic for Auth0 dashboards show you the output of several saved searches all on one easy-to-read screen, and make it easy to zoom in or drill down when something looks interesting. To help us (and our customers) visualize these logs, we spent some time creating a couple of dashboards. Sumo Logic makes it easy to see the latest failed logins, find and alert on error messages, create charts to visualize trends, or even do complex statistical analysis on your data. We have been using the Auth0 to Sumo Logic extension ourselves since it was first released, and it's proven to be very useful for staying on top of what's happening with our own Auth0 accounts and our internal users (employees). The resulting chart will look something like this: | transpose row _timeslice column client_name Want to create a chart showing the popularity of a particular client based on the number of logins per hour over a few days? Sure, you can do that in Sumo Logic with just a few commands: _sourceCategory=auth0_logs salesforce | json auto | timeslice 1h | count user_name | top 10 user_name by _count Getting the top 10 users for a given time period is as easy as this query: _sourceCategory=auth0_logs | json auto A simple search like _sourceCategory=auth0_logs will show you the most recent log events. We recommend naming the source category auth0_logs. Data should begin appearing in Sumo Logic a few minutes after you enable the extension. If you don't already have one, follow the Sumo Logic instructions for creating an HTTP source and paste the URL it generates into the Auth0 extension configuration settings. One piece of information you will need to supply is the URL of your Sumo Logic HTTP collector endpoint. You'll need to decide on a few simple settings, but the defaults are all reasonable. Once enabled, the extension configuration screen will be displayed.
Simply log in, click on Extensions, then find and click on the Sumo Logic icon to configure and enable the extension. It's super easy to install the "Auth0 Logs to Sumo Logic" extension right from your Auth0 account Dashboard.