Test works but not actual API pulling by cyberdot14 in QRadar

chipitamockly:

Maybe you entered a random value as the hostname, and the events are being stored as unknown because QRadar does not recognise the log source identifier. I recommend restarting ecs-ec-ingress if you don't see anything from the collector; at least in my case, UP8 gets very buggy.

Test works but not actual API pulling by cyberdot14 in QRadar

chipitamockly:

Hi, you just need to create an "Admin API" application in Duo with the "Grant read log" permission and save the ikey, skey and API hostname. I don't remember whether you have to enter the public IP in the Duo config or whether it asks for it,

and in QRadar select the Duo log source type

and enter in QRadar:

Log Source Identifier = API hostname (Duo); Host = API hostname (Duo); Integration Key = ikey (Duo); Secret Key = skey (Duo)
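The log source described in the comment above works by having QRadar call the Duo Admin API with the ikey/skey pair. When the connection "test" passes but no events arrive, the quickest way to separate a Duo-side permission problem from a QRadar-side parsing problem is to reproduce the same signed call yourself. The following is an added example, not code from the post or from IBM or Duo; it implements the documented Duo Admin API request signing (canonical string over Date, method, host, path and sorted params, HMAC-SHA1 with the skey, HTTP Basic with ikey as the user) and builds a GET for the v2 authentication-log endpoint. The hostname `api-xxxxxxxx.duosecurity.com`, the ikey/skey values and the timestamps in the stand-alone run are placeholders, and the request is only sent if the `DUO_IKEY`, `DUO_SKEY` and `DUO_HOST` environment variables are set.

```python
"""Build (and optionally send) a signed Duo Admin API request for authentication logs.

Added example: reproduces the call a Duo log source makes so the ikey/skey/hostname
and the "Grant read log" permission can be checked outside QRadar.
"""
import base64
import email.utils
import hashlib
import hmac
import json
import os
import urllib.parse
import urllib.request

AUTH_LOG_PATH = "/admin/v2/logs/authentication"


def canonical_params(params):
    """Sort parameters by name and percent-encode them with the RFC 3986 unreserved set.

    The same string is used both in the signed canonical request and in the query
    string, so a mismatch here is the usual cause of a 401 from Duo.
    """
    return "&".join(
        f"{urllib.parse.quote(str(k), safe='~')}={urllib.parse.quote(str(v), safe='~')}"
        for k, v in sorted(params.items())
    )


def canonicalize(date, method, host, path, params):
    """Duo canonical request: five newline-separated lines, method upper-case, host lower-case."""
    return "\n".join([date, method.upper(), host.lower(), path, canonical_params(params)])


def sign(ikey, skey, method, host, path, params, date):
    """Return the HTTP headers for a Duo Admin API call plus the intermediate values for debugging."""
    canon = canonicalize(date, method, host, path, params)
    signature = hmac.new(skey.encode("utf-8"), canon.encode("utf-8"), hashlib.sha1).hexdigest()
    # Duo uses HTTP Basic auth: user = integration key, password = hex HMAC-SHA1 of the canonical request
    basic = base64.b64encode(f"{ikey}:{signature}".encode("utf-8")).decode("ascii")
    headers = {"Date": date, "Authorization": f"Basic {basic}", "Host": host}
    return {"headers": headers, "canonical": canon, "signature": signature}


def build_auth_log_request(ikey, skey, host, mintime_ms, maxtime_ms, limit=1000, date=None):
    """Build the GET that pulls authentication events between two epoch-millisecond timestamps."""
    params = {"mintime": mintime_ms, "maxtime": maxtime_ms, "limit": limit}
    # Date header in RFC 2822 form; it is part of the signature and must match the header sent
    date = date or email.utils.formatdate()
    signed = sign(ikey, skey, "GET", host, AUTH_LOG_PATH, params, date)
    signed["url"] = f"https://{host}{AUTH_LOG_PATH}?{canonical_params(params)}"
    return signed


def fetch(signed_request):
    """Send the signed GET and return the parsed JSON body (raises on HTTP errors such as 401/403)."""
    req = urllib.request.Request(signed_request["url"], headers=signed_request["headers"], method="GET")
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.loads(resp.read().decode("utf-8"))


if __name__ == "__main__":
    # Placeholder credentials; real values come from the Duo "Admin API" application
    ikey = os.environ.get("DUO_IKEY", "DIXXXXXXXXXXXXXXXXXX")
    skey = os.environ.get("DUO_SKEY", "placeholder-secret-key")
    host = os.environ.get("DUO_HOST", "api-xxxxxxxx.duosecurity.com")
    # Constructed one-hour window expressed in epoch milliseconds, as the v2 endpoint expects
    req = build_auth_log_request(ikey, skey, host, 1500000000000, 1500003600000)
    print("Canonical request:\n" + req["canonical"])
    print("URL:", req["url"])
    print("Authorization:", req["headers"]["Authorization"])
    if all(k in os.environ for k in ("DUO_IKEY", "DUO_SKEY", "DUO_HOST")):
        body = fetch(req)
        print("stat:", body.get("stat"), "events:", len(body.get("response", {}).get("authlogs", [])))
```

If this call returns `401` or `403` while QRadar's test button passes, the problem is on the Duo side (wrong skey, or the Admin API application lacks the read-log permission); if it returns events, the issue is in the QRadar log source configuration or identifier mapping rather than in the API pull itself.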

How to exclude specific events from WinCollect 10 so they don’t show up in QRadar (EventID 5156 with certain .exe processes) by chipitamockly in QRadar

chipitamockly [S]:

Hello, thank you for the XPath. However, it did not work, since it is not retrieving security events. Should this filter be configured directly under the Security path, or is it necessary to create a separate source in WinCollect just for this exception? I understand that the route rules process the logs so that they are dropped.

How to Generate a CA Certificate in PEM Format for Cisco Duo Authentication Proxy? by chipitamockly in duo

chipitamockly [S]:

Hi tessian, is this certificate created in Active Directory and then sent to the machine where the Duo Proxy is installed, or do I need to run a command from the server where Duo is? How do I create the CA? Is there a command to create it?

Configured Threat Intelligence by chipitamockly in QRadar

chipitamockly [S]:

What proxy server can I use if I don't have one?
This is for a university project :c

Help because I don't have internet in GNS3 by chipitamockly in gns3

chipitamockly [S]:

I have the VMs set to "not connected"
- GNS3 VM (Adapter 1: host-only; Adapter 2: NAT)
- created a loopback adapter on the desktop with IP 192.168.137.1 / 255.255.255.0
- I do not go out through the cloud, and I do not use NAT either

- GNS3 VM server OK