-
Votes
3
Add the ID field to the message logs under all information
I think it would beneficial to take the information from the TIPS area in sentinel and populate it in the details of the logs when you select all. Add the ID tag to the ...
Comments (1) | by: James H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
4
Support IPv6 through and through
Instead of hacking the system, such as TID 7016555, to make any use of IPv6, Sentinel should not only accept IPv6 syntaxes, but store and parse them in such a way that ...
Comments (0) | by: Ben W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
14
Run correlation rules on history data
It would be nice to have the ability to run correlation rule againt history data and let the rule fire alerts. Now it is only possible to test the rule, but not to have ...
Comments (1) | by: Torsten F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
CM backup
Customers are asking why we do not have official backup/restore script or other CLI method to export/import CM configuration.
Comments (0) | by: Piotr P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
9
Search results sorting
Currenty search results are sorted descending according to Event Time. But when two same events have the Event Time parameter same, the order of these events is wrong. ...
Comments (1) | by: Jakub M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
4
Use Email lists in correlation events
If you have multiple recipients for correlation event alarms, you have to create from CC's action manager an action for each recipient or add multiple addresses to the ...
Comments (2) | by: Jari V. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
14
EPS level alert, monitoring and visualization
Currently Sentinel does not have any method to monitor EPS levels properly. It would good to have some way to monitor EPS levels and have an alert if e.g. system ...
Comments (5) | by: Timo S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
6
To support report for ISO 27002, year 2013.
Current version is ISO 27002, year 2005. When sentinel can support 2013?
Comments (1) | by: Fredric T. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
3
Data Synchronization enhancement
Enhance the data synchronization feature to allow the user to specify a start and finish date. Additionally, allow the user to kick-off the job on a specific date/time ...
Comments (2) | by: Richard B. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
4
notification on alert creation or owner change
there should be an option to notify the owner if an alert is assigned.
Comments (4) | by: Norbert K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
6
Support Wildcarding In Dynamic Lists
Dynamic Filters should allow the same CIDR notation and wildcarding that Lucene allows specifically for IP addresses. Should also allow ranges like 10.14.1.[1-50]
Comments (1) | by: John G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
1
General users should be able to view Health Status Info
General users should be able to view but not edit or modify the following collection - Overview & Event sources Storage - Health, report jobs, search jobs When ...
Comments (1) | by: Gus M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Supporting Syslog TCP with Octet Counting Framing
This framing mode is yet to have a wide acceptance. Also, the latest rsyslog does have an optional mode for this --> ...
Comments (0) | by: Pradeep K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
6
Checksum for eventdata
Currently Sentinel creates checksum only for rawdata in secondary storage. There are some cases where checksum is needed to event data as well. -Br, TimoS
Comments (5) | by: Timo S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
1
file connector
In Event Source Management, when processing a file with the file connector, once processing begins under connection information, it states "Reading file..." this is good ...
Comments (0) | by: Johnnie S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Request for incremental backup options in the backup script for ...
Provide the backup script the ability to create an differential (incremental) update of the backup since time the last backup was performed. This reduces the time and ...
Comments (0) | by: Brandon L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
1
Provide end user with alertable event when Agent Manager Central ...
Ideally, we want the server to send a last message to the back-end when the Central Computer shuts down, but alternatively maybe there needs to be a 'are you alive' check ...
Comments (0) | by: Brandon L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Detect anomaly's in user logon activity
The ability to detect anomaly's in user logon activity, ie logging on to a system they have never used before.
Comments (1) | by: John G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
3
Distributed search for All Identity Tracking Reports
All Identity Tracking Reports (Account Tracking, Recent Activity, Password changes, Suspicious activity overview ) have hardcoded Database in the selection of data source ...
Comments (1) | by: Khris F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
Agent Manager Agent shoud send Heartbeat Events to detekt that it is ...
There should be a possiblity to detect that an Agent Manager Agent is running independent from sending events to Sentinel. I think one possibilty would be to have a ...
Comments (1) | by: Ulrich S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
We love to hear your ideas for improving Sentinel.
