Hi, I have this rule configured, the objective is to find out multiple
login attempts from the same source IP with different users within the
time frame. @RSAAlert(oneInSeconds=0, identifiers={"ip_src"}) SELECT
event_time,ip_src,country_src,user_dst,...
Accidently I deleted the default SMTP Template for ESA notifications.
Can somebody point me where I can download the template or recover it or
if someone please can send it to me?
Is it possible to increase an appliance's memory? For example an Hybrid
appliance what are the recommendations in terms of scaling in terms of
EPS? Should we integrate anoher Hybrid appliance?
The query operators yes, if you need agregation or some more advanced
function you should create a rule and a report in the Report Engine.
Keep in mind that some meta tags could not be indexed or the operators
you are using do not work with the data ...
The link works form me, but this are the direct links to download:
https://edelivery.rsasecurity.com/patches/netwitness_logs_and_packets/nw_logparser_tool_1.1/LPTSetup-1.1.0.0.1015.x64.msi
http://edelivery.rsasecurity.com/patches/netwitness_logs_and_...
