想要詢問:因為Cisco EndPoint Dashboard 只能儲存30天的log資訊,但因為稽核或是種種因素,需要更長時間的去留存這些log,所以變成都要一直手動趁30天內一直重複去收集下載這些Raw data , 有沒有什麼方式可以設定排程自動定期寄送這些RAW log的方法呢??
Forum Posts
Resolved! Uninstall/ Remove AMP Secure Endpoint
Is there a way to uninstall the Cisco AMP connector from all devices at the same time, instead of logging into each device and uninstalling it manually?
Anyone else experiencing this issue in the subject. I tried a reinstall but it still shows up as the same. Help if possible.
Resolved! API call to create a policy
I'd like to create a policy via API calls (so that I can have automation do it). I looked through the documentation and see that I can get policy details and delete policies, but I don't see a way of creating a new policy. Am I missing it somewhere...
Resolved! Integration with O365
Hi there, I hope you're doing well. Is there an integration with O365 and Cisco Secure Endpoint? Kind regards, Josue Gaytan.
My organization uses Cisco Secure Endpoint, and I want to block an app on a specific computer. I can add the file hash for the executable to an App Blocklist, add that blocklist to a Policy, add the policy to a Group, then move the computer to that ...
Is it possible to put a machine in isolation, to keep it off our internal network, but still allow the machine to access the internet? I have built an IP Block List with our internal IPs, but we would want our end users to be able to access the inter...
Hi Team,I’ve noticed that the data on the assets and dashboards in Cisco XDR isn't up to date. Specifically, the number of computers and information shown in Secure Endpoint doesn’t fully match what I see in XDR, and the numbers seem different. Could...
We started getting W32.RetroDetected (Chrome.exe) detections on a number of computers. We are continuing to receive them. Anyone else seeing this?
I´m trying to stop the email notifications from a subscription filter in Cisco AMP, a coworker create this subscription by mistake and now we're recieving a lot of emails related to a Execution Blocked and I want to stopped please
Dear Cisco Community, I have the concern with define rule for Endpoint Purge. There have profile / logical profile / Identity Group hitting UNKNOWN around 300K. For Endpoint Type get "MISC". Let review the rules - Unknown And Endpoint Purge Inactiv...
Deploying Cisco CyberVision and 1800 Router for client. Seeking advice/guidance on best deployment methods/options
File: update.exeMD5: 648c906259cfbd6f16fc182096e4f301SHA-1: b331ea934c8c2b7eaad18f3c9e177022dccfc05aSHA-256: f86384278d74c3de6a1a7b9ac6953634725da77c3d19ef4ea2742d37249b70eaDetection: Win.Trojan.Generic::95.sbx.tgThis program is the upgrade program f...
Hello,I was wondering, if someone has any experience how Elisity use Cisco cat9300 as sensor and policy enforcement "agent" For example, what protocol do they use. For example, do they use restconf? And what kind of API calls are made and what part...
