Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
68
Views
0
Helpful
0
Replies

Cisco Secure Network Analytics - .CSE Rule Exclude Payload information

aleksta9826435
Level 1
Level 1

‎04-02-2025 12:09 AM

Hi everyone,

Having some .CSE rules when high amount of data Is leaving a internal network. Having alot of false positives related to this. 
And I'm wondering If It's possible in some way to exclude a specifik "Subject Payload" field?

That "Subject Payload" Is visibile due to my SAL logging that I have. 

From a regular "flow search" I can exclude  the "Subject Payload" field under, 
--> Advanced Connection Options
--> Payload

But this Is not available under,
--> Policy Management
--> Custome Security Events

Thanks

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents