Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
mhanson2004
Level 1
Level 1
Member since ‎02-19-2013
‎07-24-2018
Recent Badges
Awards

User Statistics

  • 14 Posts
  • 0 Solutions
  • 0 Helpful votes Given
  • 0 Helpful votes Received
Recent Badges
See all
10 Replies
5 Replies

User Activity

Signature ID = 6043

04-15-2015
Signature update S862 that included Signature ID 6043 Microsoft.HTTP.Sys Remote Code Execution was just released. We are seeing a large amount of alerts on this signature with the alerts coming from machines on our network with the traffic  heading o...

False Positive on Sig 4689/1 Bash Environment Variable Command Injection

09-26-2014
I am seeing what I believe is false positives on Sig 4689/1 outbound from our network. When I look at the traffic capture from events it does not seem to match inbound traffic events that fire on the same signature. The inbound traffic looks very muc...

Error Message: - collectStatistics failed

02-19-2013
In the past week or so I have been unable to view historical events in the event monitoring tab of the IME for times when I was not logged on to the IME interface. I am able to manaully generate the event log from the sensor monitoring area and it do...
Community Statistics
Member Since ‎02-19-2013 08:26 AM
Date Last Visited ‎07-24-2018 01:47 PM
Posts 14