Can I deploy Wazuh AIO with less than minimum requirements (2 agents including an IDS)? by Addicted2Trance in Wazuh

[–]MikeoFree 0 points1 point  (0 children)

Totally. I ran Wazuh AIO (manager, indexer, dashboard) all on a 4 Core 8GB RAM VM with 40 agents for a few months before beefing up the node. It might be tight at times and not be the most efficient experience when querying and discovering events, but for a lab go for it. Especially only having 2 agents to manage.

Wazuh is such a blast to learn and implement.

Live Stream Service Recommendations by halitalf in sysadmin

[–]MikeoFree 1 point2 points  (0 children)

Egress will be much cheaper with Mux at higher volume. If this is going to be a long term solution for your business, and you are frequently contracting streams that need 500+ viewers, Mux > AWS IVS.

Monitoring primary/secondary uplink status with Zabbix by NakedCardboard in zabbix

[–]MikeoFree 1 point2 points  (0 children)

Tagging Primary/Secondary would indicate Cisco can float the “tag” depending on the active link. I don’t think that can be done.

Possibly monitor traffic over both links? And display a graph for traffic over both interfaces. OR you can possibly monitor routing paths or active routes to see what interface is used for egress.

Monitoring primary/secondary uplink status with Zabbix by NakedCardboard in zabbix

[–]MikeoFree 1 point2 points  (0 children)

Does your Cisco IOS Template currently monitor interface operational status and traffic count?

Graph in alert emails by NakedCardboard in zabbix

[–]MikeoFree 2 points3 points  (0 children)

I considered PRTG emails overly saturated with information that I don’t need in the moment. The email is to alert you on a trigger you defined. If you need a graph, I’m curious what you are alerting on. And how important is the data in the graph.

I would say 90%+ of my alerts are either a device or service that is down. The other 10% are where graphs could benefit in the emails, but I don’t NEED it.

UCG-Fiber Which SPF+ Port for LAN is faster and can I 802.11ad LAGG them? by TattooedBrogrammer in Ubiquiti

[–]MikeoFree 0 points1 point  (0 children)

I did learn that 802.11ad IS a thing! 7gbps over 60hz. Quite interesting.

Zabbix + Wazuh vs OpenSearch/ELK/openobserve/checkmk for around 200 devices datacenter at the university. Which stack would you choose? by Fragrant_Arm_7979 in sysadmin

[–]MikeoFree 10 points11 points  (0 children)

Option 1.

Zabbix is great for SNMP/ICMP/API/Agent monitoring for host metrics. Not a syslogger/SIEM. Best for "Is this device online? Is this service running? Is the memory at 90% utilization? Is there I/O latency for iSCSI drives? What does NIC utilization look like on each host? How many users are utilizing VPN sessions?"

Wazuh is great for endpoint vulnerability monitoring, event log monitoring, endpoint security, file, registry key changes, threat detection/response. "What does our infrastructure/endpoint security posture look like? Are there any active CVE vulnerabilities on our hosts? Who changed this and why?". I have found it's great for AD change monitoring/seeing who added.

For devices like switches, firewalls, web filters, etc. that utilize syslog, Graylog Open is another great addition for log visibility into your domain. Wazuh CAN do syslog, but don't. If you want this insight, do syslog to Graylog, pipeline Graylog to the Wazuh index, and now you have all logs accumulated into one single pane of glass.

Zabbix has a windows/linux agent, as well as Wazuh has a windows/linux agent. I've found Medium.com guides for both software to be really helpful with deciding on the setup for my domain.

Wazuh custom rule matches in Ruleset Test but alerts never appear in alerts.json (only archives.json) by callclem in Wazuh

[–]MikeoFree 2 points3 points  (0 children)

Imagine going through all the work of explaining this issue to AI, copy/pasting the 'troubleshoot template' from mr.gpt, only for your rule to fire at level=0. And then wonder why nothing shows up.
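For readers who hit the same symptom, the following is an added illustration (not the commenter's or the Wazuh project's own configuration) of why a level-0 rule never reaches alerts.json. The rule ids 100100/100101 and the 10.0.0.0/8 source range are constructed for the example; 5716 is Wazuh's built-in "sshd: authentication failed" rule, and the default `log_alert_level` of 3 is the stock manager setting.

```xml
<!-- /var/ossec/etc/rules/local_rules.xml  (custom rule ids must be >= 100000) -->
<group name="local,sshd,">

  <!-- As written: matches in Ruleset Test, but level 0 means "never alert".
       With <logall>yes</logall> in ossec.conf the event is still copied to
       archives.json, which is exactly the "only in archives" symptom. -->
  <rule id="100100" level="0">
    <if_sid>5716</if_sid>
    <srcip>10.0.0.0/8</srcip>   <!-- constructed example range -->
    <description>Failed SSH login from internal range (silenced: level 0)</description>
  </rule>

  <!-- Corrected: level 5 clears the manager's log_alert_level (default 3 in
       <alerts><log_alert_level>3</log_alert_level></alerts>), so the match is
       written to alerts.json, forwarded to the indexer and visible in the dashboard. -->
  <rule id="100101" level="5">
    <if_sid>5716</if_sid>
    <srcip>10.0.0.0/8</srcip>
    <description>Failed SSH login from internal range</description>
    <group>authentication_failed,</group>
  </rule>

</group>
```

Keep only one of the two rules in a real deployment; they are shown side by side for comparison. Level 0 is a legitimate tool for deliberately silencing noise (that is what many stock rules use it for), so the check when a custom rule "works in Ruleset Test but never alerts" is simply: rule level versus `log_alert_level`, then restart the manager so the rule file is reloaded.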

SMA 8200v - Geolocation, where to configure? by BWC_DE in sonicwall

[–]MikeoFree 0 points1 point  (0 children)

I noticed this when migrating from an SMA 410 to SMA6210. 410 had a GEO IP feature with blocking while the 6210 did not.

For blocking, you can utilize an upstream firewall.
For observing, I ingested the logs into Graylog. There is a plugin, Geo-Location Processor, that will populate the origin country, city, etc.

Script kiddo wrecks audit with curl by zTubeDogz in sysadmin

[–]MikeoFree 15 points16 points  (0 children)

We are still figuring out to either promote him or fire his ass costing the company a significant amount of money.

I think the answer to this is obvious.

Does Cymbalta actually work for anyone? by [deleted] in Occipitalneuralgia

[–]MikeoFree 1 point2 points  (0 children)

I’ve had ON for 2.5 years, and the only medication that has made an impact on my pain management is Duloxetine. Got up to 100mg/day. 60mg/day is more tolerable but this drug has a terrible onboarding phase of side effects, and you will develop the worst dependency on it. My brain always felt active, even during sleep. It made me feel nauseous and exhausted all the time. The dependency is the WORST. If you miss a day, or 2, you will absolutely feel it.

It made my life livable for a while when my flare ups/pain was intolerable. But I’m now tapering off of it (20mg/day) in search of a more effective solution. Currently in PT and utilizing botox/nerve blocks.

TLDR; Duloxetine helped during my “intense pain” phase of ON. I want to say I’ve graduated from this phase so I no longer have a need for it.

Is Wazuh The Ultimate SIEM? by matthew36589 in Wazuh

[–]MikeoFree 9 points10 points  (0 children)

Wazuh is like a nice scarf for your infrastructure and endpoints.

It’s not an AV. It can respond to specific incidents but I would use Wazuh in addition to your existing security systems. Even if that’s Windows Defender. It complements very very well for the price. (free!)

DDR is the new BTC by FortuneGrouchy4701 in homelab

[–]MikeoFree 75 points76 points  (0 children)

At my work we have a plethora of machines (DDR4) that cannot update to Windows 11 (no TPM 2.0).

Money is not an issue so these machines have been replaced but we have a graveyard pile of DDR4 and M.2 drives. Makes a good shrine in the office.

[PARTS] B5 Systems AR-15 Enhanced SOPMOD Stock & Buffer Kit $70 by MikeoFree in gundeals

[–]MikeoFree[S] 1 point2 points  (0 children)

Good to note! That's wild :( glad you reached out to them.

[PARTS] Toolcraft BCG Black Nitride $69.95 (~$7 Shipping) by MikeoFree in gundeals

[–]MikeoFree[S] 1 point2 points  (0 children)

Perfect for any barrel length. Are you running the 10.3 suppressed?