jeifabdi 1 Posted November 7 Posted November 7 Although communications from ESET may be encrypted, Wazuh has indicated to us that it requires the ESET PROTECT Cloud console certificate, which is the one used for encrypting these communications. According to them, this will allow them to decrypt the data themselves. Understanding that, in all configurations for sending Syslog to Wazuh Cloud, this certificate is included. In addition, they indicate that it is important that we provide them with the source IP from which ESET transmits Syslog events, in order to authorize it on the Wazuh Cloud network. Also, the certificate must be in PEM format to ensure compatibility. I would like to validate with you if from the PROTECT INSTANCE, it is possible to obtain this certificate in the format that the client needs it. Quote
Administrators Marcos 5,468 Posted November 8 Administrators Posted November 8 I'm not versed in Wazuh SIEM so if https://groups.google.com/g/wazuh/c/OyALp_kt7mI?pli=1 doesn't help, please raise a support ticket. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.