Inopli Documentation

Monitoring Systems


Last updated 1 year ago

This interface is designed to efficiently manage the monitoring systems associated with the company. It offers comprehensive compatibility, allowing integration with any vendor, and lets each SIEM be managed individually. Users can view all the integrations established with the company in an organized, paginated list. The interface also makes it simple to edit the activation status, delete existing integrations, and add new integrations.

The Monitoring System is designed to function as a central repository, collecting and processing all events from various data sources. It plays a crucial role in the organization and analysis of these events. A powerful correlation mechanism, built on the principles of Boolean algebra, continuously searches for patterns indicating anomalies. Once detected, these anomalies trigger alerts with unique identifiers based on the Boolean algebra used. These identifiers are integrated into our relational system to link the detected events to their respective correlation rules.


Creating a new monitoring system integration

Identification

When creating a monitoring system integration, it's essential to provide a name and description.

Vendor

Each vendor has its own standard for configuring integrations, and our system is versatile enough to connect with any SIEM.

Servers

Our system enables the registration and continuous monitoring of the status of servers supporting the monitoring solution. This feature allows Inopli to have a detailed understanding of the architecture and function of each server. Management is optimized through a paginated listing interface, which includes advanced filtering features, as well as options to maintain, edit, or remove the 'active' status of servers.

Additionally, Inopli provides a specialized agent to be installed on the servers. This agent is responsible for constantly monitoring the server's health, ensuring its continuous operation. In case of any issues, Inopli automatically intervenes to make corrections, ensuring that the server remains functional without interruptions.

To register a new server in our system, you must provide essential information such as the agent's token, the server's full name, and its intended function. After this step, you can link Threat Hunting and Health Check profiles to the server as needed. These profiles are essential for ensuring efficient monitoring and maintaining the server's health.


Overview Monitoring System
Identification Stage
Vendor Options into Configuration Stage
Overview Servers Stage
Adding a server