How to integrate MyDLP with AlienVault / OSSIM

  1. This article assumes that you have installed MyDLP and that its DLP functions are working properly.
  2. This article assumes that your AlienVault / OSSIM is functioning properly.

After version MyDLP v0.9.144 (05.09.2012), MyDLP logs to Syslog using CEF (Common Event Format) by default. This makes it very easy to integrate with any kind of SIEM solution, including AlienVault / OSSIM. MyDLP sends its logs to Syslog over UDP, which is fast but not a very secure way to transfer logs. ...

How to integrate MyDLP with HP ArcSight Logger

  1. This article assumes that you have installed MyDLP and that its DLP functions are working properly.
  2. This article assumes that your HP ArcSight Logger is functioning properly.

After version MyDLP v0.9.144 (05.09.2012), MyDLP logs to Syslog using CEF (Common Event Format) by default. HP ArcSight Logger also supports CEF as its default logging format. MyDLP sends its logs to Syslog over UDP, which is fast but not a very secure way to transfer logs. If your network is not secure ...

How to wipe out all logs from MyDLP

Currently, MyDLP uses two different MySQL InnoDB databases to store persistent information: mydlp and mydlp_log. As the name suggests, all logging information is stored in mydlp_log, so wiping the logs means dropping this database.

After logging into the MyDLP server via SSH, running

sudo service mydlp stop
sudo mysqladmin drop mydlp_log
sudo service mydlp start

will wipe out and recreate the database and schema.

PS: Policies and other configuration will not be affected by this.
