Skip to content

LimaCharlie

Backstory supports ingesting LimaCharlie telemetry in order to visualize what is happening on the hosts themselves. Backstory requires only a very simple syslog configuration to a syslog listener setup by CYDERES.

Backstory Data Types

  • EDR
  • DNS

Configuration

  1. In the LimaCharlie management portal, select Outputs.
  2. At the top right, select the + symbol to add a new output.
  3. Name the output "CYDERES".

  4. Select the "syslog" module.

    limacharlie1

  5. In the "Destination Host" field, enter in the syslog endpoint information provided by CYDERES.

  6. Select the "Use SSL" slider option.
  7. Select the "No Headers" slider option
  8. Select "Create".