  • Setting Up Trunc on Windows: A Step-by-Step Guide

    Trunc is a centralized logging platform designed to streamline log management by consolidating all your system and application logs in one place. To get started, you’ll need to configure your system to send logs to the Trunc platform. This guide will walk you through setting it up on a Windows…

  • Configuring the Trunc Logging Platform

    Trunc is a centralized logging platform designed to consolidate your system and application logs in one place. To get started, you’ll need to configure your system to send logs to Trunc. This guide will walk you through four different methods to do so: Method 1: Using the Trunc Agent The…

  • Activity Logging

    In accordance with most compliance requirements, all activity on your account is logged. You can access the activity logs via the Settings > Security page in your dashboard. You will see a card that reads Security Log. This log will record all changes made to the account (e.g., adding new IPs) and record…

  • Configure Alerts and Notifications

    Collecting and aggregating logs is only one piece of a log management strategy. The second piece is being able to quickly identify when an event occurs that requires action. We help achieve this level of awareness via our notification engine. Trunc provides a powerful notification engine that allows an administrator…

  • OSSEC for Website Security: Logs and Integrity Monitoring

    OSSEC HIDS (Host Intrusion Detection System) was originally developed by Daniel Cid, one of our founders. Many of our internal installations utilize a custom version that has been branched off from the community releases. This guide will provide an overview of OSSEC and dive into configurations to effectively log website…

  • Troubleshooting Connection Issues Between Agent and Manager

    Connection issues between agents and the OSSEC manager can occur for various reasons. In this guide, we’ll walk you through a few steps to help troubleshoot these communication problems. Step 1: Check the Status of Agents The first step is to check the status of your agents using the agent_control…

  • Detecting New Files with OSSEC

    Syscheck is the integrity-checking daemon within OSSEC, designed to identify and report changes within system files. How Syscheck Works When you first install OSSEC, it performs an initial syscheck scan. This scan captures the checksum of every file specified in your configuration file (/var/ossec/etc/ossec.conf), creating a baseline. Syscheck uses this…

  • Configuring Syslog Client or Syslog Server with OSSEC

    Open Source Security (OSSEC) is a Host-Based Intrusion Detection System (HIDS) that enables efficient collection, analysis, and correlation of events across your entire infrastructure. It can be deployed on various endpoints, from network devices (e.g., routers, switches) to individual systems (e.g., servers, desktops, laptops). Understanding the System Logging Protocol (Syslog)…