We get DOE CIRC bulletins asking us to block certain IPs. DOENet does most of this for us. I would like to be able to search Mars for multiple IPs rather than just a single IP to search for problem IPs. Is there a way to do this?
So I am unable to watch Mars incidents all day every day. Can I set up the box to email me (or other Administrators) when we get a Red Alert? I have set up a notification group in User Management.
So our project allows Facebook interaction. Mars sends out this Incident Event type every time someone attaches to Facebook. Is this something I can just False Positive out or should I be concerned about it? What is Facebook sending back to our...
Thank you for the reply, I really appreciate it even if it wasn't the answer I wanted. Cheryl Wahlheim, Cyber Security, S.M. Stoller, U.S. Department of Energy, Office of Legacy Management, (720) 880-4341
Thank you! I knew there had to be a way, but of course I am in a hurry! Cheryl Wahlheim, Cyber Security, S.M. Stoller, U.S. Department of Energy, Office of Legacy Management, (720) 880-4341
Madhu, I also have questions about Kiwi and Mars but my question is, can I push Mars logs out TO the Kiwi syslog server? I will keep monitoring this discussion to see if you get any answers. We want to push the Mars logs to a proxy server and into a N...