Skip to main content

Monitor & Capture
Bandwidth Spikes

Free Download

Free Hyper-V &
VMware Backup

Get 2 VMs for FREE!

Automatic Patching:
O/S +750 Apps

Download Now!

Log Management:
All Platforms

Free Download!

Free Hyper-V &
VMware Backup

Get 2 VMs for FREE!

Firewall Management
& Monitoring

Free Download!

Free Network-Server
Monitoring

Manage your Network!

Zoho - ManageEngine - Firewall Anaylzer

Common False positives/entries to ignore

ra8ul
Topic Author
Offline
New Member

More

14 years 1 month ago #35665 by ra8ul

Common False positives/entries to ignore was created by ra8ul

I have few queries regarding SIEM or log management.

1.What false positives/to ignore entries we see in firewall logs from domain controllers,Ips/Ids,Database logs,Vpn .
3.Does RSA envision connect directly to domain controllers.
4.How to learn basics of firewall log analysis & escalation.

Thanks in advance for your help.

ra8ul
Topic Author
Offline
New Member

More

14 years 1 month ago #35666 by ra8ul

Replied by ra8ul on topic Re: Common False positives/entries to ignore

in firewall logs i see port scanning entries populated which we have to ignore.
like this entries logs from dc,database,ips,unix....

Plz help.....
Thanks.

ra8ul
Topic Author
Offline
New Member

More

13 years 11 months ago #35952 by ra8ul

Replied by ra8ul on topic common

Any one...

Time to create page: 0.115 seconds