Integration of UEBA Module.
504 views
Skip to first unread message
umar farooq
Mar 18, 2024, 9:37:22 AM3/18/24
to Wazuh | Mailing List
Hello Every one,
I need a quick help, Stucked in the integration of UEBA with Wazuh. can you please guide me step by step on what exactly I need to do?
I have trained and tested the model on a dataset of insider threat detection, its deeplearnig models and the results are good. but now I want to integrate it with wazuh. so that at real time it get the relevant logs, pass through model, if their is behaviour change , it should trigger alert at dashboard that this specific user deviates the behaviour. so please guide how i will do that, if its previously implemnted.
kind regards
I need a quick help, Stucked in the integration of UEBA with Wazuh. can you please guide me step by step on what exactly I need to do?
I have trained and tested the model on a dataset of insider threat detection, its deeplearnig models and the results are good. but now I want to integrate it with wazuh. so that at real time it get the relevant logs, pass through model, if their is behaviour change , it should trigger alert at dashboard that this specific user deviates the behaviour. so please guide how i will do that, if its previously implemnted.
kind regards
Nahuel Figueroa
Mar 18, 2024, 4:26:26 PM3/18/24
to Wazuh | Mailing List
Hi Umar! We currently do not have an integration with UEBA developed. UEBA provides an API that allows integration with other systems. You can use this API to automate data transfer between UEBA and Wazuh. For example, you can configure Wazuh to send alerts about security events to UEBA through its API, allowing UEBA to incorporate this data into its analysis. For more information on how to create an API integration visit https://documentation.wazuh.com/current/user-manual/manager/manual-integration.html
Reply all
Reply to author
Forward
0 new messages