nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqy89x53fpk4rax7fj0yuxy0ydtq4v2rfj6esyw6ahvq6azeqcl28qfeahud (nprofile…ahud) In addition to network telemetry, you may also want to consider collecting endpoint data from your hosts. The Elastic Agent can use the Defend integration to turn it into a reasonable EDR tool.
https://www.elastic.co/guide/en/security/current/endpoint-security-elastic-defend.html
This is a solid starting point for building visibility in the environment. But be aware that collecting Zeek and endpoint data from hosts will require rather a lot of storage for any reasonable amount of retention.
Taggart :donor: /
npub18w…6q6gg
2025-02-23 05:07:04
in reply to nevent1q…08ac
Author Public Key
npub18wjp9tztznztxlxka5ttn5nz448la7c9ckmvdvlptcupgud3ygdqj6q6ggPublished at
2025-02-23 05:07:04Event JSON
{
"id": "0631b13ae2976b5e59a3442db310895d178f8e18c9d97fc3a1ab34261a7005d5",
"pubkey": "3ba412ac4b14c4b37cd6ed16b9d262ad4ffefb05c5b6c6b3e15e381471b1221a",
"created_at": 1740287224,
"kind": 1,
"tags": [
[
"p",
"21ca6a4521b547d379327938623c8d582ac50d32d660476bb76035d16418fa8e",
"wss://relay.mostr.pub"
],
[
"p",
"9e08e88f664abd70b583209c193715fce47457b66be560951d0e7706fa545abe",
"wss://relay.mostr.pub"
],
[
"e",
"89bbd704ae38fc991159c47fd25743bd8c7a2c79a3d3128e78bf3fa26f828f16",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://infosec.exchange/users/mttaggart/statuses/114051463560860152",
"activitypub"
]
],
"content": "nostr:nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqy89x53fpk4rax7fj0yuxy0ydtq4v2rfj6esyw6ahvq6azeqcl28qfeahud In addition to network telemetry, you may also want to consider collecting endpoint data from your hosts. The Elastic Agent can use the Defend integration to turn it into a reasonable EDR tool.\n\nhttps://www.elastic.co/guide/en/security/current/endpoint-security-elastic-defend.html\n\nThis is a solid starting point for building visibility in the environment. But be aware that collecting Zeek and endpoint data from hosts will require rather a lot of storage for any reasonable amount of retention.",
"sig": "d37a7bba042d537cea7afbfd4eaa6e7b3cab4e388d8e4a81140abf55db78a172bee4a6e7011912d88d6569f13ede6df8c4a9db7c3ab0ba61a32d2415e89974e5"
}