Given the state of things with the Java exploits I was wondering if there is a way within Host Intrusion to log (without blocking) which of my machines are using Java applets when they browse the Internet. What I am looking for is something that will log when java is ran on a machine and to what IP that machine is connecting to while using Java. Could I create a rule for such a thing. If so would this be too large to keep track of? I have ~15,000 machines and I don't want to overwhelm my ePO server. HIPS 188.8.131.529 McAfee Agent 184.108.40.2060 VSE 220.127.116.11 and ePO version 4.5.4 HF1. Thanks.