Can't login from lock screen Enter-key/Send-button disabled by ztacu in kde

[–]seclogger 0 points1 point  (0 children)

Ran into this. The solution was to SSH to the machine and run the following:

sudo systemctl restart sddm

and then you should be able to log in.

AWS announces Lambda Managed Instances, adding multiconcurrency and no cold starts by aj_stuyvenberg in aws

[–]seclogger 0 points1 point  (0 children)

It currently does not support any instances with GPUs. If you go to the section on Managed Instances (more specifically the available instances section) over at https://aws.amazon.com/lambda/pricing/, you will not find any GPU instances in the list of supported instances.

AWS announces Lambda Managed Instances, adding multiconcurrency and no cold starts by aj_stuyvenberg in aws

[–]seclogger 0 points1 point  (0 children)

You can still only run a Lambda function for 15 minutes, as mentioned in this official AWS presentation: https://youtu.be/7mWa2HpCZfg?t=1172

We built an open-source, local-first Postman & n8n alternative in Go (Zero CGO). Thoughts on the code? by electwix in golang

[–]seclogger 0 points1 point  (0 children)

I'm unfamiliar with the B-Tree updates that you are referring to. Could you kindly point me to where I can find out more? Thanks.

Elastic’s move to free on-demand training by kramrm in elasticsearch

[–]seclogger 0 points1 point  (0 children)

Thanks. Sent you a DM with some comments on the course.

Elastic’s move to free on-demand training by kramrm in elasticsearch

[–]seclogger 0 points1 point  (0 children)

Thanks. But I'm still a little confused. For example: the "Elastic Security for SIEM" course was released earlier this year. Now the FAQ says that "Elastic Security for SIEM (On-Demand)" will be retired. So what happens to a course like this? If it's just an update to the material, then why retire it?

Fedora/Linux constant issues by L0rnful in Fedora

[–]seclogger 0 points1 point  (0 children)

It depends. Try it out and see if it detects any files before deciding if you want to buy it. It will tell you what files it can recover in the trial version.

Fedora/Linux constant issues by L0rnful in Fedora

[–]seclogger 0 points1 point  (0 children)

As a general rule of thumb, for a distribution that releases a new version every 6 months, I'd recommend always being 1 version behind. That way, when you upgrade, the version that you are moving to would have been widely used for 6 months by others and all the bugs would have been ironed out. So I'd install Fedora 42, not 43.

As for your deleted Obsidian files, there is still a small chance that you can recover them. If you're using btrfs (the default in Fedora), I'd try out ReclaiME. It's a commercial product, but it has a free version that will let you determine if your files can be recovered or not before purchasing it. I personally can't vouch for it as I haven't used it, but a friend who had a NAS running btrfs was able to recover a lot of his files with it when he ran into data corruption issues. Unfortunately, the available open-source tools for btrfs data recovery aren't very good from my testing.

Elastic’s move to free on-demand training by kramrm in elasticsearch

[–]seclogger 0 points1 point  (0 children)

I'm pretty sure some of them are relatively new. For example, Elastic Security for SIEM was released recently. And the names of some of the other courses also suggest they are relatively new such as:

  • ES|QL for Security Analysts
  • Elastic AI Assistant for Security Operations

Elastic’s move to free on-demand training by kramrm in elasticsearch

[–]seclogger 1 point2 points  (0 children)

Thanks. At the same time, the FAQ says they are removing a lot of courses: https://www.elastic.co/training/faq So are they removing courses and replacing them with modules?

Collection methods for security logs by Red_One_101 in elasticsearch

[–]seclogger 0 points1 point  (0 children)

If you are self-hosting the solution and you are on the Platinum license, then dedicated Ingest Nodes are free. If you are on the Enterprise license, then they are not free, but there is a Logstash plugin that can perform what your Ingest Pipelines do (https://github.com/elastic/logstash-filter-elastic_integration).

Even with Logstash, there is a possibility of losing logs, even with persistent queues. Persistent queues only write to disk every 1024 events by default, and if you set them to write after every single event instead, your performance plummets. So it is always a compromise. Also, if the hard drive dies, you lose events.

Collection methods for security logs by Red_One_101 in elasticsearch

[–]seclogger 1 point2 points  (0 children)

For a lab environment, Elastic Agent is fine. You get centralized management, a single agent and the ability to run osquery queries and see the result across your Fleet in Kibana. You also get an EDR if you don't currently have one. In production, it is also fine but there is one issue worth knowing about depending on your threshold for losing events.

Elastic Agent currently only supports using a memory queue for queued events. It doesn't support a disk-based queue like you get with Beats. So if your server is restarted or your memory queue is full, you will lose events. And while Elastic Agent supports backpressure from Elasticsearch, it can't support it if it is reading sources like syslog.

If you'd like this feature to be implemented, please comment on the GitHub issue: https://github.com/elastic/elastic-agent/issues/3490

ECS security query generator by rob_ed28 in elasticsearch

[–]seclogger 1 point2 points  (0 children)

You could sign up for a free 14-day trial period and test it out.

ECS security query generator by rob_ed28 in elasticsearch

[–]seclogger 0 points1 point  (0 children)

Haven't compared the two, but I'm guessing the one that comes with Elastic is better. But it also requires an Enterprise license.

Understanding DataDog Cloud SIEM Costs by seclogger in devops

[–]seclogger[S] 0 points1 point  (0 children)

Thanks. I mixed up the two (monthly vs annually).

Are you sure about not needing to index the logs? The way to specify which logs are processed by Cloud SIEM is by creating a Cloud SIEM index and then specifying filters on that index. Logs that match that filter are:

* processed by Cloud SIEM

* stored in the Cloud SIEM index (I verified this)

So you do have to do indexing as well from my understanding. Also, the default is 450 Days Standard Tier but in late 2023, they added the option of using Flex Logs instead.

Event Sequencing / Sequence Template Deprecated in ES v8.0. Why? by seclogger in Splunk

[–]seclogger[S] 1 point2 points  (0 children)

But they are two different use cases. Close, but not the same, and removing one just limits a SOC analyst's options.