OwlH for PCI¶
OwlH can help you to demonstrate compliance with requirements:¶
Download OwlH PCI-DSS v3.2 Mapping - `owlh_pcidss_3.2.pdf`_ .. _owlh_pcidss_3.2.pdf: https://drive.google.com/file/d/1IfC23AHSULjY6GKmXG_S5ZIUWKEMyB33/view?usp=sharing
How to apply Suricata PCI Mapping¶
This must be run on every Wazuh logstash server and it will:
- Modify logstash configuration file to include OwlH PCI-DSS 3.2 mapping schema
- Copy OwlH suricata ET ruleset PCI-DSS mapping to config folder
- Restart logstash
Please, download configuration script
$ curl -so /tmp/owlhconfig.sh https://raw.githubusercontent.com/owlh/wazuhenrichment/master/owlhconfig.sh
and then run it
$ sudo bash /tmp/owlhconfig.sh
How to manage and custom your Suricata PCI Mapping¶
Please download the script that will allow you to manage your compliance mapping
$ curl -so /tmp/owlh-suri2pci.sh https://raw.githubusercontent.com/owlh/owlhpci/master/owlh-suri2pci.sh
usage: ./owlh-suri2pci.sh -a|ls|lc|m|d -s sid -c pci-controls -b bulk_file pci_map_file
-a|--append - append sid and pci-dss related controls to map file
-d|--delete - sid and pci-dss related controls from map file
-ls|--listsid - list pci controlers related with a sid or group of sids (grep)
-lc|--listctrl - list sids that are associated with pci control
-m|--modify - modify sid and pci mapping
-s|--sid - sid number
-c|--control - list of controls comma separated
If you need help:¶
- email our support team - support@owlh.net
- visit our community group - OwlH mailing list (owlh@googlegroups.com)
- join OwlH slack - OwlH Slack workspace
OwlH - current v0.11.x - Nov - OwlH Changelog
documentation last updated - Jan 21, 2020