-
Votes
10
make searching for "lateral movement" easier in the WebUI
I really like the feature of being able to click on fields to add a new criterion to the search query. When analyzing events, I often need to find similar events and do a ...
Comments (3) | by: Norbert K. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Votes
17
Customize Email-Alert fields
Situation: in the js-email-alert function you can choose between "Important Data", "All-Data", and "Minimal Data". If you use CustomVariable or need some other variables ...
Comments (1) | by: Torsten F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
6
Email zipped events in notification when correlation rule hits.
We need the events to be zipped in mail notification as it becomes easier to analyze events if there are too many events.
Comments (0) | by: securview s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
2
Email zipped events in notification when correlation rule hits.
We need the events to be zipped in mail notification as it becomes easier to analyze events if there are too many events.
Comments (0) | by: ajinkya d. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
18
View single raw data event in the WebUI
Sometimes I miss the ability to quickly preview a single raw data (event) related to the event I want to check. Customers are asking for this too.
Comments (6) | by: Piotr P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Votes
3
Browse to AD objects when creating correlation rule or lists.
It would be good if we could leverage some of the technology in CG to browse to AD objects when creating correlation rule or lists.
Comments (0) | by: James H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Votes
5
Permissions to Security Intelligence Boards
Changing the permission structure: Now: Only access to all events for a user and permissions to SI boards are possible. If you limit the event view with a filter you ...
Comments (0) | by: Torsten F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations
-
Planned
14
Run correlation rules on history data
It would be nice to have the ability to run a correlation rule against history data and let the rule fire alerts. Now it is only possible to test the rule, but not to have ...
Comments (1) | by: Torsten F. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Planned
4
Kaspersky Security Center Collector
Kaspersky is one of the Top 5 Security Solutions on the market. Collectors for McAfee, Sophos, Symantec, Trend Micro exist, the creation of a Kaspersky Security Center ...
Comments (3) | by: Jan R. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
5
Extend Feed Frequency Options
At the moment the minimum Feed frequency is Weekly. Considering IP2Location only updates their databases once a month, this weekly minimum is a waste of resources to ...
Comments (1) | by: Ben W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
8
Support both IPv4 and IPv6 for IP2Location
IP2Location offers IPv4 and IPv6 as separate databases (e.g. DB5 & DB5IPV6) so the feed should be capable of processing both CSVs into Map without the need for complex ...
Comments (1) | by: Ben W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
4
Support IPv6 through and through
Instead of hacking the system, such as TID 7016555, to make any use of IPv6, Sentinel should not only accept IPv6 syntaxes, but store and parse them in such a way that ...
Comments (0) | by: Ben W. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
3
Add the ID field to the message logs under all information
I think it would be beneficial to take the information from the TIPS area in Sentinel and populate it in the details of the logs when you select all. Add the ID tag to the ...
Comments (1) | by: James H. | over a year ago | Last activity over a year ago | Status changed over a year ago | Other
-
Votes
8
Schedule download for scp or/and sshfs for file connector
The SCP option in the file connector should have a schedule/recurring download option. sshfs, together with CIFS and NFS, would be a very useful option too.
Comments (0) | by: Piotr P. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Votes
3
authorization for actions
Allow actions to have access controls and be aware of the user running the action. I may have users in role 1 that I wish to allow to disable switch ports through an ...
Comments (0) | by: cameron s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Votes
8
Ability to import production collectors into the SDK to customize and ...
Provide SDK versions of released collectors - all the data is already contained in the released collector. This step just removes the task of creating a new collector in ...
Comments (2) | by: cameron s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Installation/Deployment
-
Planned
6
Raw bulk syslog event forwarding
Allow forwarding of raw syslog events at volume to additional locations with the ability to spoof the source IP on UDP sessions
Comments (0) | by: cameron s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
2
Forwarding of netflow data
The ability to forward raw netflow data using spoofed or non spoofed source address. Allowing additional tools to get flow data
Comments (0) | by: cameron s. | over a year ago | Last activity over a year ago | Status changed over a year ago | Integrations
-
Planned
16
Export PDF reports with password protection in Sentinel
The possibility to export reports (CSV, PDF or other format) with password protection to increase security and sending by email.
Comments (3) | by: Jesus G. | over a year ago | Last activity over a year ago | Status changed over a year ago | Configuration
-
Planned
7
Out of box Reports extraction Format
At this time reports (out of box) can only be exported from the SIEM as PDF files. It would be great if we could get those reports in CSV format as well.
Comments (1) | by: Ted E. | over a year ago | Last activity over a year ago | Status changed over a year ago | Dashboards/Visualizations