Monitoring Systems

This interface is designed to manage the monitoring systems associated with the company. It is compatible with any vendor and lets each SIEM be managed individually. Users can view all the integrations established with the company in an organized, paginated list. The interface also makes it simple to edit the activation status, delete existing integrations, and add new ones.

The Monitoring System is designed to function as a central repository, collecting and processing all events from various data sources. It plays a crucial role in the organization and analysis of these events. A powerful correlation mechanism, built on the principles of Boolean algebra, continuously searches for patterns indicating anomalies. Once detected, these anomalies trigger alerts with unique identifiers based on the Boolean algebra used. These identifiers are integrated into our relational system to link the detected events to their respective correlation rules.
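
An added illustration of the correlation idea described above, not Inopli's own code: the nested-tuple rule format, the sample events and the hash-derived identifier are all assumptions made for this example. It evaluates Boolean rules over events and tags each alert with an identifier computed from the rule's expression, so every alert can be linked back to its rule.

```python
import hashlib

# Constructed sample events (not real product data).
EVENTS = [
    {"id": "e1", "source": "vpn", "action": "login_failed", "user": "alice"},
    {"id": "e2", "source": "vpn", "action": "login_ok", "user": "alice"},
    {"id": "e3", "source": "edr", "action": "process_start", "user": "bob"},
]

# Hypothetical rule format: ("match", field, value) is a leaf;
# "and" / "or" / "not" combine sub-expressions.
RULES = {
    "vpn-auth-failure": ("and", ("match", "source", "vpn"),
                         ("match", "action", "login_failed")),
    "non-vpn-activity": ("not", ("match", "source", "vpn")),
}

def evaluate(expr, event):
    """Evaluate a Boolean rule expression against a single event."""
    op = expr[0]
    if op == "match":
        return event.get(expr[1]) == expr[2]
    if op == "and":
        return all(evaluate(e, event) for e in expr[1:])
    if op == "or":
        return any(evaluate(e, event) for e in expr[1:])
    if op == "not":
        return not evaluate(expr[1], event)
    raise ValueError(f"unknown operator: {op!r}")

def canonical(expr):
    """Serialize a rule; and/or operands are sorted because order is irrelevant."""
    op = expr[0]
    if op == "match":
        return f"{expr[1]!r}={expr[2]!r}"
    parts = [canonical(e) for e in expr[1:]]
    if op in ("and", "or"):
        parts.sort()
    return f"{op}({','.join(parts)})"

def rule_id(expr):
    """Assumed identifier scheme: truncated SHA-256 of the canonical expression."""
    return hashlib.sha256(canonical(expr).encode()).hexdigest()[:16]

def correlate(events, rules):
    """Return one alert per (rule, matching event), keyed by the rule's identifier."""
    return [{"alert_id": rule_id(expr), "rule": name, "event_id": ev["id"]}
            for name, expr in rules.items() for ev in events if evaluate(expr, ev)]
```

Because the identifier is computed from the canonical form, two logically identical rules written with their operands in a different order map to the same identifier.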


Creating a new monitoring system integration

Identification

When creating a monitoring system integration, it's essential to provide a name and description.

Vendor

Each vendor has their own standard for configuring integrations, and our system is versatile enough to connect with any SIEM.

Servers

Our system enables the registration and continuous monitoring of the status of servers supporting the monitoring solution. This feature allows Inopli to have a detailed understanding of the architecture and function of each server. Management is optimized through a paginated listing interface, which includes advanced filtering features, as well as options to maintain, edit, or remove the 'active' status of servers.

Additionally, Inopli provides a specialized agent to be installed on the servers. This agent is responsible for constantly monitoring the server's health, ensuring its continuous operation. In case of any issues, Inopli automatically intervenes to make corrections, ensuring that the server remains functional without interruptions.

To register a new server in our system, it is necessary to provide essential information such as the agent's token, the full name of the server, and its intended function. After this step, it is possible to link Threat Hunting and Health Check profiles to the server, as needed. These profiles are essential for ensuring efficient monitoring and maintaining the server's health.

