Hi Team, Is there any document that can help to understand how cisco stealthwatch integrates with threatconnect (SOAR solution - now a part of RSA)? RegardsRajesh
Good Day I recently enabled syslogs from a bluecoat proxy into Stealthwatch.I can see some URL data for users so on the surface it does seem good.I did notice in the log file though some errors. FC01:~# tail -f /lancope/var/sw-flow-proxyparser/logs/s...
Things appeared to go sideways yesterday (02/10) with regard to the data in the SLIC feed - as we received 40+ alerts of C&C activity as users were browsing to www.google.com - the destination IPs were what is expected for Google The destination C&C ...
Hi Team,I have installed Host Classifier application v1.0.13 on SMC v7.0.3, but it is not populating any data on App dashboard as it could not find pre-defined host groups. Does this app needs manual creation of host groups. Thanks.
What is the purpose of Stealthwatch domains? What I was hoping it would do is isolate Flow Collectors, alarms, policies, etc., but it doesn't look like this is the case; at least in the Web UI. -Thanks
(this might mean that someone trying to fool you or steal any info you send to the server)the above message appeared on the client side when using FTD decrypt-resigned, is there any one can help solving that issue .
I just inherited Stealthwatch 6.10.5 all on VM which includes one of each of the following: smc, flow, udp. I now need to renew/update the existing certificates that were installed. I have renewed the existing certificates and have all three in a ....
Hello everyone, I understand that FlowSensor can provide "additional security context" by enabling the "Export HTTP(S) Header Data", "Export Packet Payload" and "Enable VXLAN Decapsulation". 1) Does that mean all the Stealthwatch Default Application ...
Hi all, Does the proxy ingestion license still exist in Stealthwatch or are the following licenses the only ones available now: - Flow rate license- Endpoint license- PNM- PCM Thanks
HI all I am trying to install SMC to test CTA to customer But I am getting a problem after activate CTA under SMC the registration are not working someone already pass for situation like this? Output below: Sep 2 21:06:23 smcve docker/cta-smc[2110]: ...
My ASA has numerous site to site VPNs connected to it. I am trying to log the connections made from the inside network to remote VPN site subnets. ACLs, as typical are bypassed for site to site vpns, so creating ACLs with logging preference are not...
Hi Team, May I know what is the maximum limit for the records to be returned from a query. Even if I set a higher number for max records returned in my flow query on WebUI or uncheck the record limit in desktop client, it does not return flows more t...
Hi, is there a way to reset the Interface Status under Interfaces- Monitor in Stealthwatch 7.1.2?Currently seeing "Interface Status (Since Reset Hour)" - not sure what this means..Thanks,
hi experts one question about the ad integrationnow it's partially working but the client have a doubt about the photo sectionit's possible to put a photo of the ad users in that section? like in the snapshot that i uploaded?i hope you can give me s...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: