1 Reply Latest reply on Dec 11, 2015 9:08 AM by andy777

    SIEM Filter options

    itgfcsys

      All

      When working in the SIEM to review events and alerts, is it possible to provide a text or CSV file for specific fields? If so how is thsi implemented, is it advisable to use?

       

      Use Case - Review firewall events for specific ssource and destinations based upon results of policy.

      Data - Firewall logs, CSV of sources, CSV of Destination, specific action,

      Results - looking for source, dest, protocol, port.