Immediate Insight

Update Process – Immediate Insight

This document outlines how Immediate Insight can be kept up-to-date for the latest features and performance enhancements. The product is designed to update seamlessly and automatically via the command-line interface (CLI). However, this methodology requires direct Internet access from [...]

July 25th, 2016

Streaming Copy over WAN – Immediate Insight

This document outlines how you can securely forward/copy data from one Immediate Insight server to another over the WAN (or Internet). As an example: this can be utilized to send data from a remote site to a central Immediate Insight [...]

July 25th, 2016

Security Manager Changes and Firewall Log Collection – Immediate Insight

The purpose of this document is to walk the user through the integration for collecting Security Manager firewall change events and logs into Immediate Insight (also note: Security Manager activity, such as configuration collection via SSH, will also be collected). [...]

July 25th, 2016

Advanced Commands – Immediate Insight

This document highlights valuable installation and setup-related commands and other command-line interface (CLI) commands for advanced users. Installation Script – “install”: When you first install Immediate Insight, you initiate the “install” command. This command is a collection of the [...]

July 25th, 2016

Enhance Windows Anomaly Detection with Sysmon

In my last post I covered how you can centralize your Windows logs on one system, send them as JSON for full detail, and use Immediate Insight's fast search and analytics to investigate alerts and discover the unknown. Now - let's take it [...]

April 5th, 2016

Anatomy of an Immediate Insight Proof-of-Concept

Background Today’s reality for IT Security and Operations teams is there are more activities to be performed than there are hours in the day. Before evaluating any product it’s helpful to understand the scope of effort and time required to [...]

March 29th, 2016

Centralizing Windows Logs in JSON with Security Analytics

In this post I will show how you can centralize your enterprise-wide Windows logs with zero cost and via one agent to Immediate Insight - security analytics for data discovery. We will output the logs in JSON (they show up a lot more rich [...]

March 29th, 2016

How do I change the system name shown in the Immediate Insight GUI?

The most recent version of Immediate Insight allows renaming of the system name in the GUI (by default the name is blank). To do this you can complete the following steps. From the GUI click the gear icon near the [...]

March 23rd, 2016

What Hypervisor is used for Immediate Insight installation?

VMWare ESXi version 5 or above is the recommended Hypervisor for production deployments. For evaluation or demonstration purposes the following may also be used: VMWare Workstation version 8 and above; VMWare Fusion version 6 and above. Installation instructions for ESXi [...]

March 22nd, 2016

How do I increase the disk size of my Immediate Insight storage?

Note: do not use VMWare tools to adjust the size of the disk; this will not work. Instead, follow this process: shut down by powering down the Immediate Insight VM from the VMware console; add a new drive to [...]

March 22nd, 2016