Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everyone,I'm looking for a way to exclude a specific application (or a port) from an alarm or from the security event itself.The reason is the "Windows Update Delivery" function causing Addr_Scan events resulting in Recon alarms.I would like to...
Hello,does this happen for interfaces which are capable of more than 1gb/s?You might need to enable ifX table columns in the SNMP profile on the SMC / Manager.
What does the exporter say in the mangement interface in regards to the SNMP state?If there is a timeout, the connection is not successfull. (maybe ACL, firewall, ..)If you do get SNMP data but the interfaces still show as ifIndex, you might need to ...
Hi,we do seem to have the same bug, tough we mostly see 2-5 file events for the same file. (same file size / hash)Hopefully there will be a fix for this.Regards,Florian
Hello,You should be able to see them regardless of the search options. Two things I would recommend to check:1) Are those ICMP request reaching any device which exports netflow?2) Is the netflow template on those exporters configured to export data f...
Hello,this feature does exist but is implemented by the Stealthwatch integration service team.So it is customized to your needs and very specific to your sources of IP adresses to be used for the host groups.We found it very useful for more dynamic e...
