Warning: You are viewing an older version of this documentation. Most recent is here: 40.0.1

Administration

• Overview
  • Interface Overview
• Authentication
  • Local Authentication
  • Authentication (LDAP, local)
• Capture Settings
  • Change interface settings for a probe
  • Add Berkeley packet filter to adjust probes inspection
  • Add threads to an interface inspection on a probe
  • Network card load balancing
  • NSM settings
  • Change NSM settings for a probe
  • Change NSM settings proto/alert
  • Enable or disable protocols for a probe
  • Add custom or extended HTTP information
  • Add custom or extended SMTP information
  • Add custom DNS information
  • Add packet data or payload to the alerts information
  • File handling capabilities
  • Enable or disable file extraction for a probe
  • Change file extraction max size for a probe
  • Add MD5 or file magic information
  • Rule Activity for a probe
• Declarations of Compromise
  • Custom Declarations of Compromise
  • Editing a Custom Declaration of Compromise
  • DoC Suppression
• Events Filtering
  • Filters
• File Extraction
  • Concept
  • File Extraction Activation
  • How File Extraction Works
  • Getting Files from the REST-API
• Global Configuration
  • Certificate authority
  • Log retention
  • Database status and health
  • Forwarding Events (output plugin)
  • Sending Emails
  • NTP
  • Stamus Probe Global Parameters
  • Expert configuration
• Network Definitions
  • Introduction
  • Managing Network Definitions
  • Assigning a Network Definition
  • Known Bug
• Probe Registration
  • Registering a Stamus Network Probe
  • Register a Stamus Network Probe via SSL VPN
  • Enable VPN proxy on Network Probes
  • Finish registration of a Stamus Probe
  • Remove/delete a probe
• Probe Templates
  • Using Templates
  • Override Settings
  • Template Inheritance
  • Delete Template
• Run Your Own Defense (RYOD)
  • Introduction
  • Basic usage
  • Container lifecycle
  • Backup
  • Disable RYOD
  • Log rotation RYOD
• Sources & Rulesets
  • Overview
  • Definitions
  • Sources
  • Rulesets
  • Using Custom Rules
  • Threat Intelligence Sources for Datasets
  • Suppression and Thresholding
  • Rule Transformations
• Splunk
  • Forwarding SCS logs to Splunk
  • Stamus App for Splunk
• Suricata Sensors
  • Alerts Enrichment
  • Register a Suricata Sensor
• Threat Intelligence
  • Threats Update
  • Homoglyph Attacks
  • IP Reputation List
• Webhooks
  • What are Webhooks?
  • Objects & Variables
  • Examples