@Jimmy9008 said in CSV... what happens at a lower level?:

That makes sense, would a drop from 1GB/s to 100MB/s be expected? Seems huge...

Depending on the system, yeah, especially with certain kinds of operations.

@IRJ said in Kibana Wazuh Agent isn't showing anything in integrity:

@DustinB3403 said in Kibana Wazuh Agent isn't showing anything in integrity:

Well I'm making progress, I at least have nginx responding when I hit the page with An error occurred during a connection to 192.168.1.100:5601. SSL received a record that exceeded the maximum permissible length.

Error code: SSL_ERROR_RX_RECORD_TOO_LONG

server { listen 80; listen [::]:80; listen 5601; listen [::]:5601; return 301 https://$host$request_uri; } server { listen 443 ssl; listen [::]:443; ssl_certificate /etc/pki/tls/certs/kibana-access.pem; ssl_certificate_key /etc/pki/tls/private/kibana-access.key; access_log /var/log/nginx/nginx.access.log; error_log /var/log/nginx/nginx.error.log; location / { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/conf.d/kibana.htpasswd; proxy_pass http://localhost:5601/; } }

Why are you listening on 5601?

proxy_pass http://localhost:5601/; will redirect 5601 to 443

That is no longer in the file, I was testing with it. The below is current.

server { listen 80; listen [::]:80; return 301 https://$host$request_uri; } server { listen 443 ssl; listen [::]:443; ssl on; ssl_certificate /etc/pki/tls/certs/kibana-access.pem; ssl_certificate_key /etc/pki/tls/private/kibana-access.key; access_log /var/log/nginx/nginx.access.log; error_log /var/log/nginx/nginx.error.log; location / { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/conf.d/kibana.htpasswd; proxy_pass http://localhost:5601/;

@DustinB3403 said in Wazuh - operational and can add agents - now what:

@IRJ said in Wazuh - operational and can add agents - now what:

So you already filtered it. Just click discover on top right

Doh that is so easy that I didn't even think that was it.

@DustinB3403

3a8e8726-f742-493d-a2cd-5f54c82ce4fb-image.png

It will makes sense of all the alerts and centralize everything

@Dashrender said in PDQ Drops Inventory (Deploy) Agent:

@coliver said in PDQ Drops Inventory (Deploy) Agent:

@warren-stanley said in PDQ Drops Inventory (Deploy) Agent:

@coliver from memory it allowed endpoint status display, along with connection when outside the corporate network for running commands and application management.

It was part of the subscription and didn't require any other additional setup - so was nice in theory.

Ah. Salt and Ansible can do similar things but would require some backend work.

Salt has an agent, right?

Yes, and Ansible can be setup in a Pull configuration so it can act like it has an Agent as well.

@Pete-S said in HFSPlus Read Write access on Fedora:

Why not Paragon drivers on Windows instead?

Virtualize and pass through to the VM.

Because I am operating this from fedora to sync the data to cloud.

Plus I need my work laptop portable.

@wrx7m said in Windows 10 Updates - Trigger "Update and Restart":

@IRJ said in Windows 10 Updates - Trigger "Update and Restart":

@wrx7m said in Windows 10 Updates - Trigger "Update and Restart":

@IRJ said in Windows 10 Updates - Trigger "Update and Restart":

@wrx7m said in Windows 10 Updates - Trigger "Update and Restart":

A simple restart command doesn't perform the update step, just the restart, so the update doesn't get applied.

This has been an issue for a very long time with windows. I am surprised it hasn't been fixed yet. It's really annoying

Well, at least with Win 7, a standard reboot applies updates. At least, I think it does. The main difference between Win 7 and 10, is that they have switched to the osoclient.exe to manage the updates.

I'm pretty sure server 2008 and onward had the issue. I don't remember dealing with it on workstations

I still have a 2008 R2 box and can test it on the next go 'round. I won't have it much longer, as I am dumping it prior to EOS.

LOL - Didn't make this cutoff. Next week, hopefully.

@Obsolesce said in City of Munich Moving to Closed Source Software:

It looks like the whole issue was due to their use of some weird distro years ago.

That article technically doesn't say why they need Windows now, so for all I know they have some new weird requirements I don't know about, but assuming they don't, I think the decision to go to Windows is a horrible idea. They'd be much better off going to Ubuntu instead.

Yes I upvoted a post about how Ubuntu would be better than an alternative. Please no heart attacks people.

Within PowerShell can't use something like Push-Location \\Server\Share\path or Set-Location \\Server\Share\path and then run the cipher command?

@scottalanmiller said in URL Redirect at the Windows Workstation?:

@JasGot said in URL Redirect at the Windows Workstation?:

Gotta Love RoIT!

RoIT Rules!

Not until you actually do the actual re-branding

@dbeato said in Windows Server 2012 Remote Web Access not connecting and RDS services showing error 23005:

@scottalanmiller Yeah, RDW is the problem I understand now. Basically you can remote desktop without need of App Resources Proxy without any problems. But if you try to load the App Resources from a Windows 10 device then yes I understand now.

Yeah. It's a weird "Essentials only" issue, only on 2012 and older. From what I can tell.

Why not filter out the files that you don't need to rename?
Summat like:

(Get-ChildItem -Path "path\to\folder" -Recurse | Where-Object {$_.Name -contains '•'} | Rename-Item -NewName {$_.Name -replace '•',''} -verbose -ErrorAction SilentlyContinue -ErrorVariable daError)

@scottalanmiller said in Why the Windows 10 EULA Is Applicable to Older Windows Licenses:

It then points out that the EULA is not valid only in the case where the source license is not genuine, so like a pirated copy of Windows 8. This entire portion of the EULA is exclusively for the purpose of Windows 7, 8, and 8.1. It has no purpose otherwise.

It does. It also applies when you are installing a clean install of a previously legally licensed Windows 10 system.

New-PSSession -ComputerName Host1
New-PSSession -ComputerName Host2

Get-PSSession will show all sessions you created.

Use Enter-PSSession to enter one of your opened session

Nice! I was thinking about doing this soon.

This is the provider I use to clone KVM guests with Terraform https://github.com/dmacvicar/terraform-provider-libvirt

@Fredtx This has usually worked for me in the past.