Hello alex! Thank you for getting back to me on the matter. Yes that is defenetly ana idea. On the other hand i am more interested in the response part of wazuh in which i could change policies and modify them based on a threat that occured in my network. Through wazuh using a script.
Do you think that would be possible? I look forward to hearing back from you Regards Jean matar Sent from Outlook Mobile<https://aka.ms/blhgte> ________________________________ From: Alex Kisakye <kisa...@gmail.com> Sent: Sunday, April 12, 2020 7:43:17 AM To: packetfence-users@lists.sourceforge.net <packetfence-users@lists.sourceforge.net> Cc: Jean Matar <jean.ma...@net.usj.edu.lb> Subject: Re: [PacketFence-users] Packetfence integration with Wazuh Hello? Off the top of my head, I think you can install the Wazuh agent on Packetfence box and parse the logs from pf. The agent will send logs into Wazuh (elasticsearch+kibana) and from Wazuh, you can do analysis/correlation etc Alex On Sun, Apr 12, 2020 at 1:00 PM Jean Matar via PacketFence-users <packetfence-users@lists.sourceforge.net<mailto:packetfence-users@lists.sourceforge.net>> wrote: Hello all ! My name is jean and i am a cyber security master's student. as a project we were assigned the task of checking if we could integrate wazuh (https://wazuh.com/), Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.) with packet fence as a way to check for anomalies on a device upon registration , and for corrective actions from the siem solution on to packet fence. Does anyone have any information regarding the matter and if it is possible ? Any help is much appreciated ! Thank you for your assistance Regards _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
