-
Votes
6
F5 parser Event Name in clear text ...
Hi, This Collector has been added to support High Speed logging. The collector uses log message ID numbers as Event Name. This is not clear text and clear to understand. ...
Comments (0) | by: Timo S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
6
Normalize severity against a standard severity scale rather than ...
Different vendors attribute different severities to certain types of events based on their own internal way of looking at the data. When Sentinel sets the severity, it ...
Comments (2) | by: Brandon L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
6
Carbon Black Enterprise Response collector
Carbon Black Enterprise Response is well know in this space. With no Sentinel Collector, that's a significant blindspot of device and user activity in our network.
Comments (2) | by: Richard M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
6
Customer needs the ability to process EVTX files from netapp
Sentinel should be capable of ingesting evtx files from netapp
Comments (3) | by: James H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
6
Raw bulk syslog event forwarding
Allow forwarding of raw syslog events at volume to additional locations with the ability to spoof the source ip on UDP sessions
Comments (0) | by: cameron s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
6
To support report for ISO 27002, year 2013.
Current version is ISO 27002, year 2005. When sentinel can support 2013?
Comments (1) | by: Fredric T. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
6
Possibility to restart individual Event source via CLI or REST API
Background: We have severe problems with File Connector log sources and have not get solution for that yet. For some reason file reading hangs occasionaly and never ...
Comments (0) | by: Kimmo J. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Asset mapping for hostnames
Current Asset mapping works only for IP and tenant name as a keys. But some customers use hostnames as the asset identification as they use DHCP servers. It is not ...
Comments (1) | by: Jakub M. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Email zipped events in notification when correlation rule hits.
We need the events to be zipped in mail notification as it becomes easier to analyze events if there are too many events.
Comments (0) | by: securview s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Make correlation event retention length configurable separately from ...
Provide the means to configure correlation event retention to a different period than data event retention in order to prevent the PostgreSQL from growing too large.
Comments (1) | by: Nicholas V. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
EVT/EVTX file via Agent Manager Agent
In agent manager you can read a Single Line Log. It would be a great enhancement to read also evt/evtx files, because there are several software products that write ...
Comments (1) | by: Ulrich S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
5
Sentinel does not provide an explicit logout message
Please provide the following enhancement to the NetIQ Sentinel web interface: An explicit logout message indicating that the authenticated communications session has been ...
Comments (0) | by: Hoa L. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Dashboard / Visualization from other Sentine Server
I need an option to use the Data Federation not only on searches and Reports, but also on Dashboards and Visualization. This is very important for scalability issues to ...
Comments (1) | by: Ulrich S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Votes
5
Aruba Mobility Controller with younger OS
We downloaded the latest SmartConnector package (ArcSight-7.11.0.8139.0-Connector-Linux64.bin). Customer would like to collect data (with Aruba SC) from their Aruba ...
Comments (0) | by: Erno P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Supported Platforms
-
Votes
5
allow additional links to be added to app navigation bar
The left nav bar in the Sentinel app currently has links for home, main, search and (at the bottom) security health. This leaves a lot of room that could be used to add ...
Comments (0) | by: Norbert K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Votes
5
Import event sources
We have more than 200 servers which need to be created in multiple collectors. It would be great to import them via a CSV.
Comments (1) | by: Andreas H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Agent Manager Agent shoud send Heartbeat Events to detekt that it is ...
There should be a possiblity to detect that an Agent Manager Agent is running independent from sending events to Sentinel. I think one possibilty would be to have a ...
Comments (1) | by: Ulrich S. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
5
Tenant based roles to allow to run remote searches or manage ...
Customer reported that they are planning to deploy a multi tenant Sentinel system. They would like to use multi-tier architecture, where they have multiple Sentinel for ...
Comments (0) | by: Piotr G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Need some more granularity for user permissions
There are some features/functions, which only accessible for "super-users", e.g. creating/maintaining Actions, configuring Storage, etc... Our main issue currently, how ...
Comments (0) | by: Erno P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
5
Update SSL Certificates
Please either allow or build in a function to allow the update of an SSL certificate issued from either a third party CA or an internal CA for website functionality. In ...
Comments (1) | by: David E. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
Micro Focus Enhancement Requests Portal is moving. We are migrating the IDEAS from this site to the New Idea Exchange on May 6th. For more information on the new Idea Exchange please visit the Community FAQs.
We love to hear your ideas for improving Sentinel.
