-
Votes
2
syslog connector to route events based on CEF Vendor Product
Add an additional “CEFVendorProduct” Package Policy, which works just like “Application ID” but uses the two CEF header fields for routing decision. The precedence of ...
Comments (0) | by: Norbert K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Enable file connector to read compressed files
Originally tracked in bug: https://bugzilla.netiq.com/show_bug.cgi?id=779043 The customer's Blue Coat proxy appliance stores logs to disk. If they grow to more than 10 ...
Comments (0) | by: Brandon L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Bulk plugin download
Updating and downloading plugins is a time-consuming and manual process. It is especially difficult as you need to download each one individually. It is also challenging ...
Comments (1) | by: John G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
2
support pure-ftpd access log
I hope to be able to target pure-ftp log to parsing, because many of my customers use novell ftp to access nss volume, and novell ftp uses pure-ftpd service, so audit ...
Comments (1) | by: johnson y. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Ability to Export\Import Routing Rules
In some environments there may be many routing rules configured in Sentinel to do things like forward events via Sentinel link, tag events, or forward to another syslog ...
Comments (3) | by: Eric L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
CheckPoint R80.xx: LogExporter Collector is needed
CheckPoint has migrated from LEA-protocol to LogExporter (syslog) to integrate with SIEM products. At the same time the log event format has changed. Therefore a new ...
Comments (0) | by: Timo S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Sentinel 8.2.2.0 database upgrade failure due to older orphaned jar ...
During an upgrade from Sentinel 8.2.0.0 the database upgrade failed, after the main Sentinel upgrade failed. After investigation, it was determined that there were some ...
Comments (0) | by: Rob M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
2
Extend Windows event logs possibilities in SAM
It could be interesting to extend Windows logs (currently limited to security and system logs) to other services/software like sysmon logs, PowerShell logs, RDP logs in ...
Comments (0) | by: david a. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Adding comments/notes to an Event Routing Rule
Our customer would like to add a note (or comment) to an Event Routing Rule, but currently it is not possible. Please add this new field to Sentinel.
Comments (0) | by: Erno P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Certify the use of BigIP together with Sentinel, SAM and UAM
Because a SAM Central Computer can only connect to one Collector Manager, it would be nice if adding a BigIP between SAM servers and Collector Managers was supported. ...
Comments (0) | by: John S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
2
Correlation dropped error reporter
It should be configurable per event source if you want it to alert if the events don't come to Sentinel in the correct time window. At the moment the system writes these ...
Comments (0) | by: Jari V. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Prevent transmission of report/e-mail when the report is blank
We need an option to prevent the transmission of the e-mail alert when the scheduled report generated is blank in the reporting module.
Comments (0) | by: Santhiya S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Request for incremental backup options in the backup script for ...
Provide the backup script the ability to create a differential (incremental) update of the backup since the time the last backup was performed. This reduces the time and ...
Comments (0) | by: Brandon L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Detect anomalies in user logon activity
The ability to detect anomalies in user logon activity, i.e. logging on to a system they have never used before.
Comments (1) | by: John G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
2
Palo Alto NGFW
Today, the operating system version of the Palo Alto NGFW is PAN-OS 8.1. However, the version we support is 6.0 in https://www.netiq.com/support/sentinel/plugins/ Do we ...
Comments (1) | by: Jack L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
2
Micro Focus should have a MS Dynamics collector +
Micro Focus should have a collector that supports MS Dynamics in the cloud but preferably all services that a Sentinel customer is using from MS Azure. Here's MS page ...
Comments (0) | by: Pekka L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
389 Directory Server plugins
The goal is to parse 389 Directory Server logs
Comments (0) | by: david a. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
2
Send full message field when fired by Correlation Rules
Correlation Rules: Actions -> Send Email (Full Customization of all fields) Normally, the message field is not recommended to be used with Correlation Rules due to the ...
Comments (0) | by: Brian M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Manage alerts from multiple Sentinel deployment using single ...
In the client's environment, they have multiple Sentinel deployments (Prod, Test, DMZ etc.). Each of the environments has its own alerts that they can investigate and ...
Comments (0) | by: Khris F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Votes
2
Exclude results in Sentinel through the fields area
It would be great if you could exclude results with a check mark in the refine fields area. Instead of selecting what you want to see, you need to have the ability to ...
Comments (0) | by: James H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations