cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
IgorMuster
IgorMuster
Level 8
Report Inappropriate Content
Message 1 of 3
‎06-16-2019 08:47 AM

Is there any method for Data Enrichment be case insensitive?

Hello,

I have an issue with Data Enrichment based on LDAP queries against the Active Directory functionality since McAfee ESM is case sensitive - is there any way to resolve this issue?

Thanks

 

Reply
2 Replies
Highlighted
lhud64
lhud64
Level 7
Report Inappropriate Content
Message 2 of 3
‎07-10-2019 06:15 AM

Re: Is there any method for Data Enrichment be case insensitive?

I am trying to use a LDAP query from an AD server with makes all hostnames in uppercase, but the events in the siem  as lowercase. Is there any way to create a watchlist and have a case insensitive button or something like when using Dashboards.

I have seen this being asked many timesfor over 5 yrs in the forums but have seen no response to add this as an improvement.

0 Kudos
Reply
David1111
Reliable Contributor David1111
Reliable Contributor
Report Inappropriate Content
Message 3 of 3
2 weeks ago

Re: Is there any method for Data Enrichment be case insensitive?

Hi, igor.

in the Data Enrichment phase - theirs' no solution for importing in uppercase or lower case.

but you could configure case insesitive when quering or filtering in the Dashboards \ Reports

by clicking on the "Aa" button.

 

just want to mention... in the correlation rules you will not be able to correlate with case insensitive...

just in fields that give you a option for REGEX then you could insert the proper REGEX for case insensitive.

 

Best Regards👍👍👍

David.

 

 

0 Kudos
Reply
More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator

    • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community


    Corporate Headquarters
    2821 Mission College Blvd.
    Santa Clara, CA 95054 USA

    Consumer Support   |   Enterprise Support   |   McAfee.com

    Legal   |   Privacy   |   Copyright © 2019 McAfee, LLC