Hi Experts, We've integrated Trend micro webproxy device with RSA SA
Netwintess (10.6.2.0). It forwards the same log under two different
types. For e.g. if user A accessed website B then 2 different logs are
generated with the exact time stamp. 1)Eve...
Hi Folks, We've come across some parsing issues for Trendmicro web proxy
logs and while checking with Vendor they've asked us to verify the
standard format being used on RSA SIEM in the fields. I could locate
below information from KB (SA: Introducti...
Hi Folks, Would like to know how you guys are keeping up with SA
Appliance/Host hardening? We are running on version 10.6.2.2 Also, would
like to know how to check below line-items on SA core appliances/VLCs? >
If telnet is enabled/running> If FTP is...
Hi Folks, We have created roles on the SA "read only access". The Same
role has been allocated to two users. One user is locally created on SA
while the other one has been integrated through external authentication
(AD). Local user account permission...
Hi All, I was just trying to use Alien Vault as TAXII server but has
observed that settings are not verified. Also tried by choosing
autnehtication and provided API key as user name and password field
blank as suggested by Alienvault guide.
Hey Mate, Since I wanted to whitelist specific pair of source IP -
destination IP, I have made csv file something like below: ip_src
string, ip_dst string18.104.22.168.2.3.5Hope that's right. Best Regards,Utsav
Dear All, I am trying to use the suggested method to use IMDB as a data
source to export report for the alerts. However, it doesn't allow me to
choose the option "from". I see that meta section keeps loading. Am I
missing out something? Thanks,Utsav ...