@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@travisdh1 said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

I'm not familiar with Manage Engine Data Security Plus, so no idea how it compares to that.

Manage Engine Data Security Plus = File server auditing - monitor, alert, and report on all file accesses and modifications made to your file server environment.

I really need this kind, to monitor our Windows File server shares, once in a while, people come to ask me who deleted or modified these etc.

@IRJ Is Wazuh can do something like this? once I install an Agent on Windows File Server?

Yes it can. You can also exclude file types or directories to reduce false positives

@openit said in Is someone using Wazuh? Is alternative for Graylog, ME Data Security etc.?:

@IRJ Appreciate your inputs!

What do you want me to say? I've used it in labs and production environments. It works well and you can write custom rules.

You can search this forum and raise any questions in any topics that exist or create a new thread. I generally try to shy away from general questions like this. If you have any specific questions, then ask.

They should be required to do audits and pen testing yearly due to requirements of government systems. It sounds like solar winds worked with pen testing firms that that just gave passing grades. Sometimes organizations purposely hire bad security talent so they don't get exposed as doing a bad job. Some security firms are just happy to get a big customer's pay check, especially when they just give a thumbs up with no work being done.

@scottalanmiller said in Sell the business??:

@IRJ said in Sell the business??:

@Dashrender said in Sell the business??:

@wirestyle22 said in Sell the business??:

@siringo said in Sell the business??:

I am the sole support person for a medical clinic business. I've been supporting them for around 7 years.

When I started it was a simple 2 server business with 1 external site and in house Exchange.

Now they have 7 sites and all the things that go along with that.

I'll be wanting to get out of this IT game in about 4 years & spend my days on the beach.

So the question is, how do I go about finding someone to take over the support of this client without doing myself out of a job & income before my beach days arrive?

It's not just about trying to find an alternate support solution for what happens in 4 years, it's for now mainly, due to me being the only person who knows their entire IT setup. If I get hit by that bus, they will be in trouble.

The business has sites in rural areas which from time to time will require on site visits, so more than online only support will be required.

Should I sell the support service as a business? If so, how do you work out what it's worth?

Just interested to hear the thoughts of others.

I'd probably create as much documentation as humanly possible and hand it over to an MSP that you vet. Getting rid of the single point of failure (you) is important. Your documentation is what dictates how smooth the transition will be.

huh - Not sure I'd give it to the MSP - instead give it to the business, let them decide who it needs to go to... if you can be part of the vetting process for your replacement, great, if not, not your concern.

I agree with you dash. Who gives a fuck if you're retiring and hand over documentation.

Well, his job NOW is to care. So he's doing the right thing. Once he leaves, sure, THEN he doesn't care. But until he actually does leave, he's paid (presumably) to care a lot and that's what he is doing. So this is the perfect discussion to have now.

I did say to hand over documentation. It sounds like he doesn't even have that. We all agree that documentation is his job. So that he can walk out the door one day and not care what happens after that moment. He can feel confident giving the company documentation that is well written and available for anyone.

That's why I said hand over documentation. Other than that don't give a fuck because as you and I mentioned the "company" is worth zero. So why put in any effort into finding a replacement. Someone will always take the work.

@Dashrender said in Sell the business??:

@wirestyle22 said in Sell the business??:

@siringo said in Sell the business??:

I am the sole support person for a medical clinic business. I've been supporting them for around 7 years.

When I started it was a simple 2 server business with 1 external site and in house Exchange.

Now they have 7 sites and all the things that go along with that.

I'll be wanting to get out of this IT game in about 4 years & spend my days on the beach.

So the question is, how do I go about finding someone to take over the support of this client without doing myself out of a job & income before my beach days arrive?

It's not just about trying to find an alternate support solution for what happens in 4 years, it's for now mainly, due to me being the only person who knows their entire IT setup. If I get hit by that bus, they will be in trouble.

The business has sites in rural areas which from time to time will require on site visits, so more than online only support will be required.

Should I sell the support service as a business? If so, how do you work out what it's worth?

Just interested to hear the thoughts of others.

I'd probably create as much documentation as humanly possible and hand it over to an MSP that you vet. Getting rid of the single point of failure (you) is important. Your documentation is what dictates how smooth the transition will be.

huh - Not sure I'd give it to the MSP - instead give it to the business, let them decide who it needs to go to... if you can be part of the vetting process for your replacement, great, if not, not your concern.

I agree with you dash. Who gives a fuck if you're retiring and hand over documentation.

@black3dynamite said in Sell the business??:

@siringo said in Sell the business??:

If I get hit by that bus, they will be in trouble.

That's not good, how up to date is your documentation, disaster plans, etc...

Yeah basically if you do these things you don't have to worry about what happens when you retire to the beach.

I doubt you can sell them as a client. Maybe if you had tens of clients you could sell the business. But with one SMB client, it's not worth much.

If that customer decides to cancel then they would lose everything you sold them. Which is why no one is willing to buy one SMB client. I'm sure you can find someone who can I take over for free, but I'd only worry about that on my way out.

@Pete-S said in Notification mail in linux?:

Or is email perhaps not a good way to get notifications when there is a problem?

Maybe email in this manner is old-skool and it would be better to use something else?
Like external log server, system monitoring (Zabbix) perhaps?

Yeah I would use SIEM. Then you'd create and manage your alerts from there. You could send to email, slack, etc.

You can use postfix for alerting as JB mentioned. I use postfix on the my personal servers because I don't manage enough to justify a SIEM.

@DustinB3403 said in Oracle Linux Installation and performance seems insanely bad:

Just because something may be supported, doesn't imply that it is support.

@DustinB3403 said in What do you use for petabyte storage?:

I just use the empty space in between Obsolece's ears

@Obsolesce

I tagged him because you're too scared to do it.

@hobbit666 said in MPLS alternative:

@scottalanmiller said in MPLS alternative:

1990's LAN-based thinking. Modern networks with security are zero-trust (aka LANless) in design and VPN/MPLS would not serve any purpose.

I'll put my hand up and agree this is me, but will be looking at LANless/zero-trust on Monday and learn what it means fully.

Yeah that's really the only route to go anymore