BlogZilla - You Asked, We Answered - The Top Five

To Catch a Thief

LogZilla had another amazing webinar this week, To Catch a Thief, where LogZilla’s CEO, Clayton Dukes, discussed how a major university uses Cisco ISE and LogZilla NEO to physically locate mobile device thieves and alert police within seconds.

While we love keeping our webinars to 25 minutes, we always have lots of questions at the end, so we’ve decided to share the Top Five LogZilla Webinar Questions — ANSWERED.

  1. QUESTION: If the thief/laptop is moving between buildings/controllers, will NEO correlate or open new tickets?

ANSWER: Yes, you can do the same thing we did during the webinar, but add secondary or tertiary checks against other facts. You could even add an event correlation rule to check for multiple device registrations from multiple access points!

  2. QUESTION: Can you cluster multiple instances?

ANSWER: Of course! LogZilla NEO is Docker-based, so clustering (and cloud) is quite simple.

  3. QUESTION: In place of Slack, does it support MS Teams? In place of ISE, how about ForeScout?

ANSWER: Yes. In the demo, we used Cisco ISE and Slack, but the inputs and outputs are vendor agnostic in LogZilla NEO.

  4. QUESTION: Will the files and/or scripts that you used during the webinar be available to help get us started?

ANSWER: Yes, they are available on our GitHub repo.

  5. QUESTION: Can you run LogZilla on a virtual machine?

ANSWER: Of course! LogZilla runs on Docker containers. Just load up your OS of choice and visit our download page to get the installation command.

 

MISSED THE LAST WEBINAR? You can watch previous topics on-demand HERE