1 Reply Latest reply on Jun 2, 2017 5:16 PM by hhoang

    DLP 9.4/10/11 - SIEM integration (RSA)


      Has anyone configured their RSA SIEM to digest DLP Incidents from the new table structure introduced with DLP 9.4/10/11 ?

      With 9.3 we are using a SQL Query against the EPO DB to pull DLP events - we used the query provided with the RSA SIEM.

      RSA hasn't updated this connector yet from what we can determine.


      Any one have a SQL query to pull the DLP Incidents in general (Dim and DiU).