Note: This is especially useful when replacing a
downed ESM, and no backups are available or are corrupted. This may also be
used if you "inherent" a receiver from a peer business unit or SOC.
- Press alt and
F2 keys simultaneously.
- Enter "root" for
login name. Press enter.
|
|
- Enter the old
password to login
|
|
- Enter the the
following command to rekey the system to default.
- cat
/etc/NitroGuard/factory-id_rsa.pub > /root/.ssh/authorized_keys2
|
|
|
Proceed to add the
device to your new SIEM
|
|
|
|
|
|
|
|
- Click on the
Pancake menu to open side menu
|
|
|
|
|
|
|
|
- Select icon
with plus sign
|
|
- Select Event
Receiver, Click Next
|
|
- Enter Name of
the receiver, click next
|
|
- Enter IP
address of the Receiver click next
|
|
- Enter your
administrative password. Confirm it by typing in in twice. Click next
|
|
- If successful,
you will receive confirmation
|
|
