0
votes
1
answer
7
views

Procedure for handling temp or ._ files in war and tomcat directory

We see ._<filename> under various folders in tomcat directory and Profiler War directory. What is the recommended procedure to deal with these files. Should we delete them or do nothing
6 hours ago anjan ♦♦111
0
votes
1
answer
8
views

Tracking identity enablement/disablement

In our identity feed, we have a flag indicating if userid is enabled or disabled. I want changes to this flag's state to affect the user table's dateenabled and datedisabled fields. I could do it via a scheduled SQL function on the server side, such as check flag status and if current state's time s...
yesterday tgulati ♦♦161
0
votes
1
answer
24
views

How to run incremental behavior based outliers in 4.6.10?

Running the behavior based activity outliers has been made pretty simple in Securonix. Instead of choosing start date and end date, the first job itself can be run as incremental. In the start date option, choose the date from which you want to run the behavior outliers. Eg, choosing the start date ...
14 Dec, 22:47 Praful ♦♦126
0
votes
1
answer
46
views

Support for International Languages

How to enable support for Hebrew and Japanese language in Securonix.
06 Dec, 15:13 Praful ♦♦126
0
votes
1
answer
90
views

Bigram Comparator

How does Bigram comparator function under the Correlation rule compare data?
04 Dec, 20:17 tgulati ♦♦161
0
votes
1
answer
53
views

Why we have to use transactionstring1 for activity related info

Why we have to use transactionstring1 for activity related info
25 Nov, 22:08 Praful ♦♦126
0
votes
1
answer
59
views

Threat categories

How are the threat categories identified on the left hand side of the main page ?
20 Nov, 19:07 Praful ♦♦126
0
votes
1
answer
54
views

notifications

How are the mail notification configured on securonix?
20 Nov, 18:59 Praful ♦♦126
0
votes
1
answer
55
views

Incidents and its status

How are the case status decided for incidents?
20 Nov, 16:28 Praful ♦♦126
0
votes
1
answer
64
views

LDAP referral settings

What should the LDAP referral settings be. any recommendations?
20 Nov, 16:04 anjan ♦♦111
0
votes
1
answer
82
views

Enabling Data Clean Up Jobs - 4.6 (Housekeeping)

How do I create a data clean up job to delete old files (files older than 'x' days) on the server in 4.6?
14 Nov, 16:25 Aditya90
0
votes
1
answer
89
views

Experience with McAfee hDLP?

Initiating intelligence efforts are McAfee ePO's host DLP, initially for exfiltration and then expand to include deep-scans for various indicators. After review of data, planning to bring in DLP_EventView's ComputerName, FocusDisplay, EventRowID, EventTypeDisplayName, OriginalEvidenceListSize, Onlin...
14 Nov, 02:21 tgulati ♦♦161
0
votes
1
answer
1.9k
views

How can we convert the logs in to particular time zone from application in the Resources monitor activity?

How can we convert the logs in to particular time zone from application in the Resources monitor activity? like i have set EST Time ZONE in my application and EST time zone in my db if i want to convert particular resource groups logs in to UTC how i can achieve that? Sample Log Feed:- Oct 25 00:11:...
10 Nov, 15:26 Praful ♦♦126
0
votes
3
answers
506
views

Incremental import for MS SQL logs

I am trying to import logs from MS SQL Database incrementally. I have set the Increment field Name as "Date", Type as "Date" and format as "mm/dd/yyyy". But import is not happening incrementally. What is the condition field to be specified for incremental import.
09 Nov, 21:14 Praful ♦♦126
0
votes
1
answer
144
views

net.sf.jasperreports.engine.fill.JRExpressionEvalException while running report

11:35:30,495 ERROR JRFillSubreport:774 - Fill 1: exception net.sf.jasperreports.engine.fill.JRExpressionEvalException: Error evaluating expression : Source text : new java.lang.Integer(1) at net.sf.jasperreports.engine.fill.JREvaluator.evaluateEstimated(JREvaluator.java:308) at net.sf.jasperrepo...
07 Nov, 01:29 adhabale11
0
votes
1
answer
69
views

Enabling Third Party Intelligence based Policies

How do we create policies that uses third party intelligence data in Securonix 4.6 for activity logs based policy?
05 Nov, 11:46 Aditya90
0
votes
1
answer
81
views

How to move securonixwarm to another partition

Securonix's database partition is tight on space. Moving securonixwarm to another partition would address the issue.
05 Nov, 11:00 JasonBlue15
0
votes
1
answer
94
views

Can we customize menu in Securonix 4.6?

Can we customize menu in Securonix 4.6?
03 Nov, 00:46 Praful ♦♦126
0
votes
1
answer
628
views

New category is not getting displayed on dashboard

While creating a policy I create new Category. But that New category is not getting displayed on dashboard. I can see threats on threat dashboard.
03 Nov, 00:42 Praful ♦♦126
0
votes
2
answers
117
views

What are the steps to import ArcSight data in Profiler 4.6 ?

How do we configure and import ArcSight CEF data in 4.6?
03 Nov, 00:31 Praful ♦♦126
0
votes
1
answer
84
views

Memory leak warnings or errors during tomcat start up

I am seeing a few memory leak errors / warnings during tomcat start up. The warnings or error messages are one of the following - The web application created a thread local.... thread local forcibly removed. The web application seems to have started a thread named ..... Because of these errors, ...
31 Oct, 03:47 Aditya90
0
votes
1
answer
91
views

No files to import - Arcsight CEF data import - Profiler 4.6

I am trying to import ArcSight CEF data in Profiler 4.6 and the application says that there are no files to import. There are new lines in the input file and the processed file is present in the source directory. How do we resolve this ?
31 Oct, 03:26 Aditya90
0
votes
1
answer
78
views

FileNotFoundException - ArcSight CEF data import ( application looks for the file under conf folder)

I am seeing a file not found exception while importing ArcSight CEF data in 4.6. The application looks for the file under $SECURONIX_HOME/conf/ folder. How do we resolve this?
31 Oct, 03:19 Aditya90
0
votes
2
answers
353
views

SOLR Indexing Error: Lock obtain timed out

There is an error obtained while creating a core in the application. The error is seen in the securonix.log. The error is similar to the one below. 05:18:26,435 DEBUG [ConfigController] saveTPICore - [corecriticality:0.2, mentry:, token_val:a27ff44b-a30e-4d00-87ba-a07348a2c06a, org.codehaus.groovy....
31 Oct, 02:50 anjan ♦♦111
0
votes
1
answer
88
views

How do we connect the application to LDAP using SSL connection ?

What are the pre-requisites for connecting the application to import data from LDAP using SSL Connections?
30 Oct, 13:20 anjan ♦♦111
0
votes
1
answer
87
views

Null Pointer Exception While Importing Data - File Import

Facing null pointer exceptions while importing from a file. The job was a user import job with the employeeID column containing non-null values. 10:33:24,246 ERROR [QuartzJob] Error in job execution: Import-Users-1 com.securonix.application.exception.matcher.MatcherReaderException: ERROR IMPORTING ...
29 Oct, 14:08 Aditya90
0
votes
3
answers
160
views

What is best way to import a watchlist?

Been given a flat file of employee identifiers to be used as one of our watchlists; requirements are for new idenitifiers to be added to the watchlist on an ad-hoc basis. The watchlist will then be used from a policy to identify risky behavior by any members. What is best way to incorporate a file-b...
23 Oct, 00:07 tgulati ♦♦161
0
votes
2
answers
141
views

Configuration of arcsight preprocessor

I am trying to configure CEF formatted logs in 4.6. Even though i configured data source as Arcsight (CEF) device, in logs its showing me "ArcSight CEF? False" and arcsight pre-processor is not getting called. Is there any other file where we need to configure this in 4.6.
15 Oct, 14:20 anjan ♦♦111
0
votes
2
answers
100
views

How Do i avoid Broken Pipe Error in Securonix.log

How do you avoid Broken Pipe Exceptions which are logged in Securonix.log
15 Oct, 13:34 anjan ♦♦111
0
votes
1
answer
183
views

How does Securonix integrate with Sailpoint ?

How Does Securonix Integrate with Sailpoint ?
15 Oct, 10:30 mnair71
posts per page153050