1 Reply Latest reply on Dec 23, 2015 9:15 PM by andy777

    SIEM Problem with datasource




      We have a McAfee web gateway integrated to SIEM, but the we had to change the ip adress. After the change i don't see any data in the SIEM.

      Besided this, I see packets coming to the Receiver and i see the following.



      Also when i run this command iptables –n –v –L|grep x.x.x.x, i don't see any firewall rules for this source.


      What can i do? do i have to create an iptables rules? i don't want to delete and create a new datasource because i will lose any historical data.