BLOG
Author: Hubert Dulay
Seamless SIEM – Part 2: Anomaly Detection with Machine Learning and ksqlDB
We talked about how easy it is to send osquery logs to the Confluent Platform in part 1. Now, we’ll consume streams of osquery logs, detect anomalous behavior using machine […]
Seamless SIEM – Part 1: Osquery Event Log Aggregation and Confluent Platform
Osquery (developed by Facebook) is an open source tool used to gather audit log events from an operating system (OS). What’s unique about osquery is that it uses basic SQL […]