Hello? Off the top of my head, I think you can install the Wazuh agent on Packetfence box and parse the logs from pf. The agent will send logs into Wazuh (elasticsearch+kibana) and from Wazuh, you can do analysis/correlation etc
Alex On Sun, Apr 12, 2020 at 1:00 PM Jean Matar via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > Hello all ! > > My name is jean and i am a cyber security master's student. as a project > we were assigned the task of checking if we could integrate wazuh ( > https://wazuh.com/), Wazuh is a free, open source and enterprise-ready > security monitoring solution for threat detection, integrity monitoring, > incident response and compliance.) with packet fence as a way to check for > anomalies on a device upon registration , and for corrective actions from > the siem solution on to packet fence. > > Does anyone have any information regarding the matter and if it is > possible ? > > Any help is much appreciated ! > > Thank you for your assistance > > Regards > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
