Sheriff CSM™ Agentless Monitoring Sheriff HIDS allows you to run integrity checking without agents installed on hosts, network devices, routers, f...
Sheriff CSM™ Check Point MEPP When you configure Check Point Media Encryption and Port Protection (MEPP) to send log data to Sheriff CSM, you can ...
Sheriff CSM™ Cisco ACS When you configure Cisco ACS to send log data to Sheriff CSM, you can use the Cisco ACS plugin to translate raw log data i...
Sheriff CSM™ Configure Log Forwarding on Commonly Used Data Sources Sheriff CSM plugins process data collected from many different data sources, ...
Sheriff CSM™ Plugin Types The plugins included in Sheriff CSM are called detector plugins. They receive and extract events from logs, which inclu...
Task 2: Add a Level 1 Rule to Detect the Event This task adds a level 1 rule for the directive created in Task 1. In this rule, we try to match o...
Task 3: Add a Level 2 Rule to Detect the Same Event with 100 Occurrences In this task, we try to match the same events selected in Task 2. We wan...
Sheriff CSM™ Tutorial: Create a New Directive to Detect DoS Attack Sometimes, you may find that none of the built-in directives work in your envir...