Tag: tip

  • Cisco ASA Log Analysis in Elastic

    If you’re new to reviewing SIEM logs and you come across a Cisco firewall, you’ll find out that Cisco ASA logs can be challenging to interpret. Unlike most other vendors, Cisco decided to leave out the word “allowed” or “accepted” from log data of allowed traffic. Take a FortiGate firewall for instance: Pretty easy to…

  • Downloading M3U8 Sources

    I came across a video online that was hosted in JWPlayer. I wanted to pull the source and started to evaluate traffic in Chrome DevTools and found the network traffic that was pulling down small snippets of video and a separate audio stream while the video played. Apparently the playback streams sections at a time.…