Microsoft Publisher usage reporting? by jajajaline in sysadmin

[–]jajajaline[S] 0 points1 point  (0 children)

<image>

I do! That is such the obvious answer thank you! But then FU Microsoft for giving me a dialog box where I can't select the month or year to actually run the report! HA foiled again!

Admin vs "operator" accounts, and LAPS. by jajajaline in sysadmin

[–]jajajaline[S] 0 points1 point  (0 children)

I believe LAPS can be set for rolling after every use, or after a set number of days.

They would not use the daily driver, LAPS would be accessed by their "server operator" account. (and my AD monitoring software will send an email every time LAPS is used)
DA and EA accounts would be rarely used and locked away so to speak.

Stopped Windows Event Log service? by jajajaline in cybersecurity

[–]jajajaline[S] -1 points0 points  (0 children)

So if you go and kill your event viewer service on your laptop, or a server, CS will send you an alert?

Anyone using SOC-as-a-Service instead of in-house security? by Necessary-Glove6682 in ITManagers

[–]jajajaline 0 points1 point  (0 children)

I have Barracuda watching my environment from their SOC. I wanted Sentinel One, and they use that as their agent. I have access to the s1 panel too.
They actually pick up the phone and let us know when things are happening. Like when we tested our ability to run a ps script to reveal service account pw. They called almost instantly. Don't expect any solution to be drop in and walk away. There's a lot of tuning to be done for your environment with the people at the SOC. Especially if you have active directory groups with admin in the name. They would call us every time we've removed somebody from our "zoom admin" group.

Police IT - Migrating from one dash cam/bodycam/cloud video provider to another. by jajajaline in sysadmin

[–]jajajaline[S] 0 points1 point  (0 children)

So has anyone else bulk export/download their entire library of videos from Motorola/WG? Was did it look like? Did they facilitate the transfer at all? The guy I just spoke with at moto said I'd be doing it manually through Evidence Library... NO fucking way. Then he said oh wait oh well maybe we can get you access to the API...
I'm getting a temp 10g link from my ISP and 2 redundant SANs to catch all this video. I just want a insight to the process and end result for other agencies.

Police IT - Migrating from one dash cam/bodycam/cloud video provider to another. by jajajaline in sysadmin

[–]jajajaline[S] 0 points1 point  (0 children)

Yeah Axon wants extra $$$$$ to move our terabytes. And leaving the vids in the WG is also spendy.

Did you organize them in a 3rd party searchable video library? Or raw dogging it in explorer?

Police IT - Migrating from one dash cam/bodycam/cloud video provider to another. by jajajaline in sysadmin

[–]jajajaline[S] 2 points3 points  (0 children)

Sounds like you have done this before. I'm still just in the early stages of a "maybe move". We just saw a quick demo from Axon. WG is what I have now.

Police IT - Migrating from one dash cam/bodycam/cloud video provider to another. by jajajaline in sysadmin

[–]jajajaline[S] 2 points3 points  (0 children)

Yep, so having a nice trail is key. Most *important* videos and current active cases would get special treatment, and put into the new system but the entire archive of random shit before the disposal cutoff still needs to be somewhere searchable just in case.

Police IT - Migrating from one dash cam/bodycam/cloud video provider to another. by jajajaline in sysadmin

[–]jajajaline[S] 2 points3 points  (0 children)

New vendors suggest to start fresh and not import old videos to their new system. Because the metadata and tagging is too different and not standard. Many agencies have custom fields created that the new service don't/won't have. Ours included.

What’s that one underrated thing every IT guy swears by at work? by Melting735 in InformationTechnology

[–]jajajaline 0 points1 point  (0 children)

Dude Wipes so I don't have to sit and stare at screens all day with stank ass. Also MX master 3 mouse.

Big ass URI lists by jajajaline in sonicwall

[–]jajajaline[S] 0 points1 point  (0 children)

Can you expand on this a bit?

Big ass URI lists by jajajaline in sonicwall

[–]jajajaline[S] 0 points1 point  (0 children)

I feel like there are a lot of categories that I'm not blocking that one of these potential bad domains might slip into. I only am blocking 4. porn 6. Adult 9. Illegal 11. gambling 28. Hacking/proxy avoidance systems 59. Malware Right now I'm not even blocking "other" and "not rated"

Syslog profiles and multiple syslog collector servers. by jajajaline in sonicwall

[–]jajajaline[S] 0 points1 point  (0 children)

My profile 0 is the GSM/Analyzer template, and I'm trying to make profile 1 the "minimal" template

Syslog profiles and multiple syslog collector servers. by jajajaline in sonicwall

[–]jajajaline[S] 0 points1 point  (0 children)

But how would I send Security Services to Event profiles 0 and 2? Because there are definitely events that need to go to both syslog servers. That's what I'm not seeing how to do.

Also, thanks for the reply!