All organizations should have access to the skills needed to detect and contain threats. But, typically, only the very largest enterprises can afford the millions in annual staff and infrastructure investments required to maintain a Security Operations Center (SOC).

For this how-to guide, we’ll walk through how to use the CrowdStrike Falcon LogScale Log Collector to collect and send log events to your CrowdStrike Falcon® LogScale repository. Although the log shipper supports several types of log sources (see the list here), we’ll cover the use case of collecting log events from journald.

CrowdStrike Falcon® LogScale, formerly known as Humio, provides a full range of dashboarding and live query capabilities out of the box. Sometimes, however, you’ll work in an environment where there are other solutions alongside LogScale. For example, let’s say your operations team takes an observability approach that includes metrics scraped by Prometheus, tracing with Jaeger, and dashboard visualizations with Grafana.

This is a developing story. Updates will be amended as new information and guidance become available.

Imagine this… you walk into work; you are the supervisor of an automated automotive production line for one of the largest global car manufacturers. Everyone from the last shift is still there, they are not packing up to go home, in fact, they are panicking. The production line has shut down, nothing is working, and computer screens along the production line display a ransom demand.

This is a work-in-progress blog post. It will be updated when more information is available. For more detailed information about the vulnerability, see the How the Critical OpenSSL Vulnerability may affect Popular Container Images blog post. A critical vulnerability with an expected high or critical severity rate of CVSS score is about to be announced on November 1st on the OpenSSL project. There are still no details besides an announcement on the OpenSSL mailing list on October 25th.