Odin is a central IoC scanner based on Loki.
This application Loki latest version and download it on all machines using a powershell script and run it then this app receives the respose from all machines and parse the feed in CSV form.
Odin download and extract the latest version on Loki and start HTTP server to deliver the executable (Loki) to all machines.
This step has ti be done manually using powershell script on a DC machine or suing domain admin account which the script deliver loki to all machines and start updating. The script is in Configurations tab and you can modiy the scipt as needed.
Start the listener then from the powershell script start Loki to search for IoCs and results will be sent from Loki to Odin
Collected logs will be parsed and can be exported as CSV file to be handled with something else like ELK.
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…
If you are a Linux user, you have probably seen commands like chmod 777 while…
Vim and Vi are among the most powerful text editors in the Linux world. They…
Working with compressed files is a common task for any Linux user. Whether you are…
In the digital era, an email address can reveal much more than just a contact…