Hi all,our company is trying to take advantage of the new analytics
capabilities offered by the 10.4 and the live content. We are developing
ESA rules to detect threats based on their category. For example a
windows malware category alert needs to fi...
Unfortunately, in our set-up we do need a second solution and I'll
explain you why:right now SA is not able to correlate events based on
their own timestamp (only with the timestamp that NwLogDecoder marks
them)we have some custom event sources (lega...
Hi, the mwg is fully rotating the log file which means renaming the
original file, compressing it and creating a new one for the new
content.In the meanwhile, however, we queried support about this doubt
and they answered that the set-up described in...
Hi, about the original question, does anyone know if the agent will
behave correctly (no events duplicated/lost) even in the presence of log
rotation? Our Web Gateway is rotating about every hour (max log size
reached) and the nicsftpagent is schedul...