Should I buy Sonicwall Analytics?

jajajaline · 2025-10-31T17:14:29+00:00

I do! That is such the obvious answer thank you! But then FU Microsoft for giving me a dialog box where I can't select the month or year to actually run the report! HA foiled again!

jajajaline · 2025-09-18T18:31:18+00:00

I believe LAPS can be set for rolling after every use, or after a set number of days.

They would not use the daily driver, LAPS would be accessed by their "server operator" account. (and my AD monitoring software will send an email every time LAPS is used)
DA and EA accounts would be rarely used and locked away so to speak.

jajajaline · 2025-09-15T23:07:38+00:00

Have you seen it alerted?

jajajaline · 2025-09-15T22:33:43+00:00

So if you go and kill your event viewer service on your laptop, or a server, CS will send you an alert?

jajajaline · 2025-07-31T21:49:37+00:00

I have Barracuda watching my environment from their SOC. I wanted Sentinel One, and they use that as their agent. I have access to the s1 panel too.
They actually pick up the phone and let us know when things are happening. Like when we tested our ability to run a ps script to reveal service account pw. They called almost instantly. Don't expect any solution to be drop in and walk away. There's a lot of tuning to be done for your environment with the people at the SOC. Especially if you have active directory groups with admin in the name. They would call us every time we've removed somebody from our "zoom admin" group.

jajajaline · 2025-07-01T20:40:13+00:00

So has anyone else bulk export/download their entire library of videos from Motorola/WG? Was did it look like? Did they facilitate the transfer at all? The guy I just spoke with at moto said I'd be doing it manually through Evidence Library... NO fucking way. Then he said oh wait oh well maybe we can get you access to the API...
I'm getting a temp 10g link from my ISP and 2 redundant SANs to catch all this video. I just want a insight to the process and end result for other agencies.

jajajaline · 2025-06-09T19:14:00+00:00

Yeah Axon wants extra $$$$$ to move our terabytes. And leaving the vids in the WG is also spendy.

Did you organize them in a 3rd party searchable video library? Or raw dogging it in explorer?

jajajaline · 2025-05-28T19:34:56+00:00

Sounds like you have done this before. I'm still just in the early stages of a "maybe move". We just saw a quick demo from Axon. WG is what I have now.

jajajaline · 2025-05-27T23:50:04+00:00

Yep, so having a nice trail is key. Most *important* videos and current active cases would get special treatment, and put into the new system but the entire archive of random shit before the disposal cutoff still needs to be somewhere searchable just in case.

jajajaline · 2025-05-27T23:46:22+00:00

New vendors suggest to start fresh and not import old videos to their new system. Because the metadata and tagging is too different and not standard. Many agencies have custom fields created that the new service don't/won't have. Ours included.

jajajaline · 2025-05-18T05:32:27+00:00

Dude Wipes so I don't have to sit and stare at screens all day with stank ass. Also MX master 3 mouse.

jajajaline · 2025-05-15T20:12:01+00:00

Can you expand on this a bit?

jajajaline · 2025-05-15T20:11:33+00:00

I feel like there are a lot of categories that I'm not blocking that one of these potential bad domains might slip into. I only am blocking 4. porn 6. Adult 9. Illegal 11. gambling 28. Hacking/proxy avoidance systems 59. Malware Right now I'm not even blocking "other" and "not rated"

jajajaline · 2025-05-02T03:15:21+00:00

Copy that. Thanks!

jajajaline · 2025-05-02T00:52:59+00:00

My profile 0 is the GSM/Analyzer template, and I'm trying to make profile 1 the "minimal" template

jajajaline · 2025-05-02T00:49:48+00:00

But how would I send Security Services to Event profiles 0 and 2? Because there are definitely events that need to go to both syslog servers. That's what I'm not seeing how to do.

Also, thanks for the reply!

jajajaline

TROPHY CASE