This blog post will explore how to set up a simple logging pipeline to detect maliciously downloaded files. This setup will utilize technologies such as Osquery, Rsyslog, Kafka, Docker, Python3, and VirusTotal for a logging pipeline. If this pipeline detects a malicious file, a Slack alert will be triggered. Abstract First, Osquery will monitor file […]
Article Link: https://holdmybeersecurity.com/2019/04/25/detecting-malicious-downloads-with-osquery-rsyslog-kafka-python3-and-virustotal/