Given the state of things with the Java exploits I was wondering if there is a way within Host Intrusion to log (without blocking) which of my machines are using Java applets when they browse the Internet. What I am looking for is something that will log when java is ran on a machine and to what IP that machine is connecting to while using Java. Could I create a rule for such a thing. If so would this be too large to keep track of? I have ~15,000 machines and I don't want to overwhelm my ePO server. HIPS 184.108.40.2069 McAfee Agent 220.127.116.110 VSE 18.104.22.168 and ePO version 4.5.4 HF1. Thanks.