LogZilla had another amazing webinar this week, To Catch a Thief, where LogZilla’s CEO, Clayton Dukes, discussed how a major university uses Cisco ISE and LogZilla NEO to physically locate mobile device thieves and alert police within seconds.

While we love keeping our webinars to 25 minutes, we always have lots of questions at the end, so we’ve decided to share the Top Five LogZilla Webinar Questions — ANSWERED.

QUESTION

If the thief/laptop is moving between buildings/controllers, will NEO correlate or open new tickets?

ANSWER

Yes, you can do the same thing we did during the webinar, while adding secondary or tertiary checks against other facts. You could even add an event correlation rule to check for multiple device registrations from multiple access points!

QUESTION

Can you cluster multiple instances?

ANSWER

Of course! LogZilla NEO is Docker-based, so clustering (and cloud) is quite simple.

QUESTION

In place of Slack, does it support MS Teams? In place of ISE, how about ForeScout?

ANSWER

Yes. In the demo, we used Cisco ISE and Slack, but the inputs and outputs in LogZilla NEO are vendor agnostic.

QUESTION

Will the files and/or scripts that you used during the webinar be available to help get us started?

ANSWER

Yes, they are available on our GitHub repo.

QUESTION

Can you run LogZilla on a virtual machine?

ANSWER

Of course! LogZilla runs in Docker containers. Just load up your OS of choice and visit our download page to get the installation command.

Posted February 6, 2022 in IT Operations category
