A Linux and Cybersecurity expert in Australia. RHCE, Linux+, Sec+, CySA+, CASP+, CISM

Apache Example Configuration for GeoIP Fencing, SSL/TLS Termination, and Reverse Proxy

This article shows an example configuration that will achieve three objectives: provide GeoIP Fencing, provide SSL/TLS Termination, and serve as a Reverse Proxy. In this example we’re using Ubuntu 22.04. Connections coming in on HTTP (port 80) are redirected to HTTPS (port 443) which is where the GeoIP Fencing takes


NXLog Example Configuration File – Sending Logs From Windows to Syslog in JSON Format

This article explains how to send logs from Windows systems to Syslog servers using NXLog (community edition). In this case we’re sending to Syslog listening on TCP. NXLog is easy enough to install but the configuration process is not so easy. Because Windows EventLog uses many more fields than Syslog,


Comparing Syslog Formats – BSD RFC3164 vs IETF RFC5424

This article compares the two Syslog formats. If you can’t decide, consider “IETF RFC 5424”. This article compares two log entries using different Syslog formats. The event is the same for both entries – logging into a Synology server’s web portal. The user “agix” is logging in from host “10.1.1.100”.


Running LogStash in Docker

This is a short HowTo for running LogStash in Docker. We’re using Ubuntu 22.04. Install Docker and create our directory structure:

    apt install docker docker.io
    mkdir ~/logstash
    mkdir ~/logstash/config/ ~/logstash/pipeline/

Create the Dockerfile file “~/Dockerfile”:

    # The image to use:
    FROM docker.elastic.co/logstash/logstash:8.15.0
    # Remove the pre-existing config file from within


Installing Graylog Open on Ubuntu 22.04

This article is a walkthrough for installing “Graylog Open 6” and leverages the documentation at “https://go2docs.graylog.org/current/downloading_and_installing_graylog/ubuntu_installation.html” and “https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-ubuntu/”. We’re using Ubuntu 22.04 because 24.04 is not supported using the documentation linked above. We’re starting from a fresh “standard” Ubuntu 22.04 installation. Our resources are “4GB RAM, 8 CPU Cores, 25GB
