Hi Team, I has a list of Suspicious IP List, I need to create a Alert
rule which triggered based on the connection from Suspcious IP, Inside
ESA rule i need to use LIST feature , pls help us on this requirement
Thanks, SOCUSER
Hi Team, As a Compliance requirement , we must authenticate with AD
Login into SIEM please help us the steps to configure AD Authentication
in RSA Netwitness. Thanks & Regards, SOCTEAM
Dear Team, Our Critical Event Source is in Cloud, we need to forward
those logs to our VLC, we have achieved this in syslog via UDP 514 Port
,logs are forwarded to VLC. But we want logs to be forward in encrypted
SSL channel because log collection is...
Hi Team, We have a Temporary NAS Mounted to Archiver for 6 months , now
we received new Permanent NAS Solution, we need to move all the Data
from Temporary NAS to Permanent NAS, is their any easy way to achieve
this. we need to move 60 TB of data to ...
Hi Team, Alerts are not grouping into a Single Incident, In Incident
Rule we are grouping Alerts based on the Source IP within in one hour.
In that case of 1 hours , all the alerts relates to the source IP should
be grouped under one Incident but it ...
HI Sravan , Currently our Archiver is mounted with temporary NAS Storage
as warm storage, and we got permanent NAS Storage solution and we have
mounted it successfully. We need to migrate the old data from temporary
NAS to Permanent NAS ASAP because ...
Dear Mongo, Even I tried changing the Status from New to Assigned with
valid Status value , Mongodb updated successful but RSA Netwitness
Respondtab is not working properly for that changed incidents, PFA of
Valid Incident status values and incident ...