Backlinks to Events in Sheriff Web (Search all webs)
Results from Sheriff web retrieved at 20:17 (GMT)
A10ThunderWebApplicationFirewall
UpPrevious Next Sheriff CSM™ A10 Thunder Web Application Firewall (WAF) When you configure A10 Thunder WAF to send log data to Sheriff CSM, you can use the A10 Th...
r10 - 05 Jul 2022 - 03:50 by SheriffCyberSecurity
ASUSTeKRouter
UpPrevious Next Sheriff CSM™ ASUSTeK Router When you configure ASUSTeK Router to send log data to Sheriff CSM, you can use the ASUSTeK Router plugin to translate ...
AboutSheriffCSM
UpPrevious Next Sheriff CSM™ About Sheriff CSM %TWISTY{ showlink="table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...
r16 - 20 Jun 2022 - 17:43 by SheriffCyberSecurity
AboutSheriffCSMComponents
UpPrevious Next Sheriff CSM™ About Sheriff CSM Components The following diagram provides a high level view of the overall Sheriff CSM architecture. Sheriff CSM h...
AboutSheriffCSMSystemArchitectureAndComponents
UpPrevious Next Sheriff CSM™ About Sheriff CSM System Architecture and Components As a unified security platform, Sheriff CSM combines several critical security ...
r11 - 23 Feb 2022 - 02:21 by SheriffCyberSecurity
AddingAssets
UpPrevious Next Sheriff CSM™ Adding Assets Sheriff CSM provides different ways to add your assets: Note: The Sheriff CSM system inserts new assets automatically ...
r18 - 03 Jun 2022 - 17:50 by SheriffCyberSecurity
AgentlessMonitoring
UpPrevious Next Sheriff CSM™ Agentless Monitoring Sheriff HIDS allows you to run integrity checking without agents installed on hosts, network devices, routers, f...
r10 - 08 Jun 2022 - 18:54 by SheriffCyberSecurity
AlarmDetailsColumnsAndFields
UpPrevious Next Sheriff CSM™ Alarm Details — Columns and Fields Alarm Details field descriptions Column/Field Name Description Status Whether or not t...
AlarmManagement
UpPrevious Next Sheriff CSM™ Alarm Management %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...
r15 - 03 Jun 2022 - 18:44 by SheriffCyberSecurity
AlarmsListFields
UpPrevious Next Sheriff CSM™ Alarms List — Fields Alarms list fields Column/Field Name Description Date Date and time Sheriff CSM completed alarm corr...
AlarmsTrayFields
UpPrevious Next Sheriff CSM™ Alarms Tray – Fields Alarms tray field descriptions Sheriff CSM Field NameDescription Intent Strategy Describes the attack pa...
AnalyzingAlarmsEventsLogsAndTickets
UpPrevious Next Sheriff CSM™ Analyzing Alarms, Events, Logs, and Tickets You will likely spend the most time reviewing and analyzing the network security of your...
r16 - 16 Jun 2022 - 19:11 by SheriffCyberSecurity
Arpalert
UpPrevious Next Sheriff CSM™ Arpalert When you configure Arpalert to send log data to Sheriff CSM, you can use the Arpalert plugin to translate raw log data into...
ArrayNetworksSecureAccessGateway
UpPrevious Next Sheriff CSM™ Array Networks Secure Access Gateway When you configure Array Networks Secure Access Gateway to send log data to Sheriff CSM, you ca...
ArtilleryHoneypot
UpPrevious Next Sheriff CSM™ Artillery Honeypot When you configure Binary Defense Artillery Hfoneypot to send log data to Sheriff CSM, you can use the Artillery ...
r10 - 27 Jun 2022 - 23:44 by SheriffCyberSecurity
AssetDetailsViewTabDescription
Asset Details View Tab Description TabInformation Shown Vulnerabilities Vulnerabilities related to this asset. Alarms Alarms related to this asset. Event...
AssetGroupListView
UpPrevious Next Sheriff CSM™ Asset Group List View An asset group is an administratively created object that pools similar assets used for specific purposes. Sher...
AssetListView
UpPrevious Next Sheriff CSM™ Asset List View The Asset List view, Environment Assets Groups Assets, provides a centralized view of your assets. For fiel...
r11 - 18 Nov 2021 - 18:52 by SheriffCyberSecurity
AssetValue
Asset Value Specifies an asset's importance or critically relative to other managed assets.
NEW - 19 Nov 2020 - 00:02 by SheriffCyberSecurity
AssetsAndGroups
UpPrevious Next Sheriff CSM™ Assets and Groups It is important for security practitioners to know what assets are connected on the company network and how the de...
AtomicSoftwareHoneyBOT
UpPrevious Next Sheriff CSM™ Atomic Software HoneyBOT When you configure Atomic Software HoneyBOT to send log data to Sheriff CSM, you can use the HoneyBOT plugi...
AvayaMediaGateway
UpPrevious Next Sheriff CSM™ Avaya Media Gateway When you configure Avaya Media Gateway to send log data to Sheriff CSM, you can use the Avaya Media Gateway plug...
r15 - 28 Jun 2022 - 04:00 by SheriffCyberSecurity
AvayaWirelessLAN
UpPrevious Next Sheriff CSM™ Avaya Wireless LAN When you configure Avaya Wireless LAN to send log data to Sheriff CSM, you can use the Avaya Wireless LAN plugin ...
BackUpAndRestoreAlarms
UpPrevious Next Sheriff CSM™ Back Up and Restore Alarms By default, Sheriff CSM stores alarms in the database until you delete them manually. To save disk space,...
r11 - 05 Feb 2022 - 19:00 by SheriffCyberSecurity
BackUpAndRestoreEvents
UpPrevious Next Sheriff CSM™ Back Up and Restore Events Sheriff CSM uses internal caches to ensure that communication interruptions between the Sheriff CSM Senso...
r18 - 11 Jun 2022 - 20:16 by SheriffCyberSecurity
BackUpAndRestoreEventsUserGuide
UpPrevious Next Sheriff CSM™ Back Up and Restore Events Sheriff CSM uses internal caches to ensure that communication interruptions between the Sheriff CSM Senso...
BackUpAndRestoreMongoDB
UpPrevious Next Sheriff CSM™ Back Up and Restore MongoDB MongoDB is a cross platform and open source document oriented database, a kind of NoSQL database. As a No...
BackUpAndRestoreSystemConfiguration
UpPrevious Next Sheriff CSM™ Back Up and Restore System Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgl...
r25 - 12 Jun 2022 - 17:35 by SheriffCyberSecurity
BackupAndRestoration
UpPrevious Next Sheriff CSM™ Back up and Restoration Sheriff CSM does not offer a tool to back up or restore the entire system collectively. However, you can bac...
BarracudaNextGenFirewalls
UpPrevious Next Sheriff CSM™ Barracuda NextGen Firewalls When you configure Barracuda NextGen Firewalls to send log data to Sheriff CSM, you can use the Barracuda...
r11 - 28 Jun 2022 - 17:09 by SheriffCyberSecurity
BlackboardLearn
UpPrevious Next Sheriff CSM™ Blackboard Learn When you configure Blackboard Learn to send log data to Sheriff CSM, you can use the Blackboard Learn plugin to tra...
BlueCoatProxySG
UpPrevious Next Sheriff CSM™ Blue Coat ProxySG When you configure Symantec (formerly Blue Coat) ProxySG to send log data to Sheriff CSM, you can use the Blue Coa...
BrocadeRouterSwitch
UpPrevious Next Sheriff CSM™ Brocade Router/Switch When you configure Brocade Router/Switch to send log data to Sheriff CSM, you can use the Brocade Router/Switc...
r10 - 28 Jun 2022 - 17:24 by SheriffCyberSecurity
ChangeTheDefaultTimeZone
UpPrevious Next Sheriff CSM™ Change the Default Time Zone The default time zone for Sheriff CSM is Pacific Time (UTC 7h). If you are not operating in that time z...
CheckPointFirewall
UpPrevious Next Sheriff CSM™ Check Point Firewall When you configure Check Point Firewall 1 to send log data to Sheriff CSM, you can use the Check Point Firewall...
CheckPointMEPP
UpPrevious Next Sheriff CSM™ Check Point MEPP When you configure Check Point Media Encryption and Port Protection (MEPP) to send log data to Sheriff CSM, you can ...
r10 - 28 Jun 2022 - 17:39 by SheriffCyberSecurity
CiscoACS
UpPrevious Next Sheriff CSM™ Cisco ACS When you configure Cisco ACS to send log data to Sheriff CSM, you can use the Cisco ACS plugin to translate raw log data i...
r16 - 28 Jun 2022 - 17:49 by SheriffCyberSecurity
CiscoASA
UpPrevious Next Sheriff CSM™ Cisco ASA When you configure Cisco ASA to send log data to Sheriff CSM, you can use the Cisco ASA plugin to translate raw log data i...
r10 - 28 Jun 2022 - 17:40 by SheriffCyberSecurity
CiscoMeraki
UpPrevious Next Sheriff CSM™ Cisco Meraki When you configure Cisco Meraki to send log data to Sheriff CSM, you can use the Cisco Meraki plugin to translate raw l...
CiscoPIX
UpPrevious Next Sheriff CSM™ Cisco PIX When you configure Cisco PIX to send log data to Sheriff CSM, you can use the Cisco PIX plugin to translate raw log data i...
CiscoRV
UpPrevious Next Sheriff CSM™ Cisco RV When you configure Cisco RV Series VPN Router to send log data to Sheriff CSM, you can use the Cisco rv plugin to translate...
r10 - 05 Jul 2022 - 19:00 by SheriffCyberSecurity
CiscoUnifiedCommunicationsManager
UpPrevious Next Sheriff CSM™ Cisco Unified Communications Manager When you configure Cisco Unified Communications Manager to send log data to Sheriff CSM, you can...
CiscoWLC
UpPrevious Next Sheriff CSM™ Cisco WLC When you configure Cisco Wireless LAN Controller (WLC) to send log data to Sheriff CSM, you can use the Cisco WLC plugin t...
CitrixNetScaler
UpPrevious Next Sheriff CSM™ Citrix NetScaler When you configure Citrix NetScaler to send log data to Sheriff CSM, you can use the Citrix NetScaler plugin to tran...
r11 - 28 Jun 2022 - 18:15 by SheriffCyberSecurity
ClearAllEventsFromTheSIEMDatabase
UpPrevious Next Sheriff CSM™ Clear All Events from the SIEM Database Sheriff CSM backs up events every day and purges them after a threshold (Event Backup Config...
ClickStudiosPasswordstate
UpPrevious Next Sheriff CSM™ Click Studios Passwordstate When you configure Click Studios Passwordstate to send log data to Sheriff CSM, you can use the Passwords...
ComodoAntivirus
UpPrevious Next Comodo Antivirus When you configure Comodo Antivirus to send log data to Sheriff CSM, you can use the Comodo Antivirus plugin to translate raw log...
ConfigurationPolicies
Policies Sheriff CSM configuration that allows you to configure how Sheriff CSM processes events. Defines one or more conditions that are evaluated for each incom...
NEW - 11 Nov 2020 - 01:58 by SheriffCyberSecurity
ConfigureDatabasePlugins
UpPrevious Next Sheriff CSM™ Configure Database Plugins Database plugins extract data from an external database and turn them into Events. Sheriff CSM supports M...
r11 - 31 Aug 2021 - 04:19 by SheriffCyberSecurity
ConfigureLogForwardingOnCommonlyUsedDataSources
UpPrevious Next Sheriff CSM™ Configure Log Forwarding on Commonly Used Data Sources Sheriff CSM plugins process data collected from many different data sources, ...
ConfigureMailRelayInSheriffCSM
UpPrevious Next Sheriff CSM™ Configure Mail Relay in Sheriff CSM You can configure to receive emails from Sheriff CSM. For example, if you want to receive an ema...
r22 - 28 Mar 2022 - 02:31 by SheriffCyberSecurity
ConfigureSDEEPlugins
UpPrevious Next Sheriff CSM™ Configure SDEE Plugins Cisco Systems IPS Sensor 5.0 uses the Security Device Event Exchange (SDEE) protocol to specify the format of...
r15 - 09 Jun 2022 - 20:42 by SheriffCyberSecurity
ConfigureSheriffCSMToUseADNS
UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Use a DNS Use of a Domain Name Service (DNS) helps Sheriff CSM to resolve host names against IP addresses. ...
ConfigureWMIPlugins
UpPrevious Next Sheriff CSM™ Configure WMI Plugins Windows Management Instrumentation (WMI) plugins collect Microsoft Windows events and data remotely. These plu...
r12 - 12 Apr 2022 - 04:24 by SheriffCyberSecurity
ConfiguringAvailabilityMonitoring
UpPrevious Next Sheriff CSM™ Configure Availability Monitoring Availability monitoring in Sheriff CSM runs from the server, and can be used to monitor availabili...
ConfiguringSheriffNIDS
UpPrevious Next Sheriff CSM™ Configuring Sheriff NIDS Sheriff CSM comes with Sheriff NIDS already enabled, but you need to perform the steps below in order to mo...
r17 - 05 Oct 2021 - 22:23 by SheriffCyberSecurity
CorrelationContexts
UpPrevious Next Sheriff CSM™ Correlation Contexts Sheriff CSM uses Correlation Contexts to allow overlapping networks. A Sheriff CSM Server can handle overlappin...
CorrelationRules
UpPrevious Next Sheriff CSM™ Correlation Rules A correlation rule defines a condition to match incoming events. Refer to How Does Correlation Work? for details. T...
r13 - 16 Dec 2021 - 19:06 by SheriffCyberSecurity
CreateANewPolicy
UpPrevious Next Sheriff CSM™ Create a New Policy %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="...
CreateATicket
UpPrevious Next Sheriff CSM™ Create a Ticket You can open a ticket in the following ways: * Automatically — based on a configured policy. See Create an Action...
r10 - 04 Jun 2022 - 18:56 by SheriffCyberSecurity
CreateAnAction
UpPrevious Next Sheriff CSM Create an Action You can create actions for Sheriff CSM to perform on security events. This includes sending an email, executing a sc...
r19 - 25 Apr 2022 - 23:55 by SheriffCyberSecurity
CreateCustomReports
UpPrevious Next Sheriff CSM™ Create Custom Reports If predefined reports in Sheriff CSM do not suit your needs, you can either modify an existing report or gener...
CreateCustomReportsFromSIEMEvents
UpPrevious Next Sheriff CSM™ Create Custom Reports from SIEM Events If the available report modules do not suit your needs, you can generate your own module, whic...
CreateNewAccountsForLDAPUsers
UpPrevious Next Sheriff CSM™ Create New Accounts for LDAP Users Use this procedure to create new user accounts for LDAP users. For local users, see Create New Acc...
r10 - 27 Apr 2022 - 18:07 by SheriffCyberSecurity
CreateNewAccountsForLocalUsers
UpPrevious Next Sheriff CSM™ Create New Accounts for Local Users Use this procedure to create new user accounts for local Sheriff CSM users. For LDAP users, see C...
r10 - 27 Apr 2022 - 17:50 by SheriffCyberSecurity
CreateNewPluginsUsingThePluginBuilder
UpPrevious Next Sheriff CSM™ Create New Plugins Using the Plugin Builder In addition to the other methods described for customizing or creating new Sheriff CSM p...
CreatePolicyConditions
UpPrevious Next Sheriff CSM™ Create Policy Conditions This topic explains how to configure policy conditions for external event policies, using the Default Policy...
r27 - 18 Jun 2022 - 16:11 by SheriffCyberSecurity
CreatePolicyConsequences
UpPrevious Next Sheriff CSM™ Create Policy Consequences Policy Consequences are the final component to creating a policy, after Create a New Policy and Create Po...
r14 - 06 Jun 2022 - 16:47 by SheriffCyberSecurity
CrossCorrelation
UpPrevious Next Sheriff CSM™ Cross Correlation %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...
CrossCorrelationRules
UpPrevious Next Sheriff CSM™ Cross Correlation Rules The correlation engine uses cross correlation rules to connect NIDS events and vulnerabilities discovered by...
CrowdStrikeFalcon
UpPrevious Next Sheriff CSM™ CrowdStrike Falcon When you configure CrowdStrike Falcon to send log data to Sheriff CSM, you can use the CrowdStrikeas will Falcon ...
r23 - 28 Jun 2022 - 18:56 by SheriffCyberSecurity
CrushFTP
UpPrevious Next Sheriff CSM™ CrushFTP When you configure CrushFTP to send log data to Sheriff CSM, you can use the CrushFTP plugin to translate raw log data into...
r10 - 28 Jun 2022 - 18:48 by SheriffCyberSecurity
CustomizeAndDevelopNewPlugins
UpPrevious Next Sheriff CSM™ Customize and Develop New Plugins Sheriff provides a large number of plugins as part of its default installation. In most environmen...
CustomizeExistingPluginsYourself
UpPrevious Next Sheriff CSM™ Customize Existing Plugins Yourself %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft=...
r10 - 07 Sep 2021 - 23:07 by SheriffCyberSecurity
CustomizeSheriffNIDSRules
UpPrevious Next Sheriff CSM™ Customize Sheriff NIDS Rules Occasionally you may want to customize the Sheriff NIDS rules or enable a rule that is disabled by defa...
CyberArkEnterprisePasswordVault
UpPrevious Next Sheriff CSM™ CyberArk Enterprise Password Vault When you configure CyberArk Enterprise Password Vault to send log data to Sheriff CSM, you can us...
r11 - 28 Jun 2022 - 18:57 by SheriffCyberSecurity
D-LinkUTMFirewall
UpPrevious Next Sheriff CSM™ D Link UTM Firewall When you configure D Link UTM Firewall to send log data to Sheriff CSM, you can use the D Link UTM Firewall plugi...
r15 - 22 Jun 2022 - 16:29 by SheriffCyberSecurity
D-LinkWirelessController
UpPrevious Next Sheriff CSM™ D Link Wireless Controller When you configure D Link Wireless Controller to send log data to Sheriff CSM, you can use the D Link Unif...
DefaultFunctionsUsedInTheSheriffCSMPlugins
UpPrevious Next Sheriff CSM™ Default Functions Used in the Sheriff CSM Plugins The Sheriff CSM Server must receive normalized events in a predefined format. Sher...
DefineAdvancedSearchCriteriaForSecurityEvents
UpPrevious Next Sheriff CSM™ Define Advanced Search Criteria for Security Events (SIEM) This topic describes how to define advanced search criteria when performi...
r14 - 27 Jan 2022 - 19:07 by SheriffCyberSecurity
DellEMCRecoverPoint
UpPrevious Next Sheriff CSM™ Dell EMC RecoverPoint When you configure Dell EMC RecoverPoint to send log data to Sheriff CSM, you can use the Dell EMC RecoverPoi...
DellEqualLogic
UpPrevious Next Sheriff CSM™ Dell EqualLogic When you configure Dell EqualLogic to send log data to Sheriff CSM, you can use the Dell EqualLogic plugin to transla...
r11 - 28 Jun 2022 - 22:06 by SheriffCyberSecurity
DellSonicWALL
UpPrevious Next Sheriff CSM™ Dell SonicWALL When you configure Dell SonicWALL to send log data to Sheriff CSM, you can use the Dell SonicWALL plugin to translate ...
DenyAllWebApplicationFirewall
UpPrevious Next Sheriff CSM™ DenyAll Web Application Firewall (WAF) When you configure DenyAll Web Application Firewall (WAF) to send log data to Sheriff CSM, you...
r10 - 28 Jun 2022 - 22:13 by SheriffCyberSecurity
DeploySheriffHIDSAgents
UpPrevious Next Sheriff CSM™ Deploy Sheriff HIDS Agents You can deploy a Sheriff HIDS agent to a host * Through the Getting Started Wizard This option suppor...
r26 - 02 May 2022 - 15:33 by SheriffCyberSecurity
DeputiesConditions
UpPrevious Next Reputation Using Open Threat Exchange Reputation data as a policy condition, you can filter events from either the source or destination IP addre...
DevelopNewPluginsfromScratch
UpPrevious Next Sheriff CSM™ Develop New Plugins from Scratch %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" ...
DtexSystemsDtex
UpPrevious Next Sheriff CSM™ Dtex Systems Dtex When you configure Dtex Systems Dtex to send log data to Sheriff CSM, you can use the Dtex plugin to translate raw...
ESETAntivirus
UpPrevious Next Sheriff CSM™ ESET Antivirus When you configure ESET to send log data to Sheriff CSM, you can use the Eset plugin to translate raw log data into n...
r11 - 29 Jun 2022 - 03:17 by SheriffCyberSecurity
EnablePlugins
UpPrevious Next Sheriff CSM™ Enable Plugins Sheriff provides more than one way to enable plugins in Sheriff CSM. First, you can enable plugins on specific discov...
ErrorCodesOneUpdatingFromVersion580ToVersion58X
UpPrevious Next Sheriff CSM™ Error Codes When Updating from Version 5.8.0 to Version 5.8.x To ensure that your deployment meets AT T Cybersecurity's requirements...
r10 - 02 Mar 2022 - 18:27 by SheriffCyberSecurity
EstablishingBaselineNetworkBehavior
UpPrevious Next Sheriff CSM™ Establishing Baseline Network Behavior When you first start using Sheriff CSM, it is a good idea to let it run for a few days to det...
r10 - 16 Jun 2022 - 19:02 by SheriffCyberSecurity
EventCollectionProcessingAndCorrelationWorkflow
UpPrevious Next Sheriff CSM™ Event Collection, Processing, and Correlation Workflow All Sheriff CSM's security monitoring and management capabilities stem from i...
r12 - 07 Jun 2022 - 18:53 by SheriffCyberSecurity
EventCorrelation
UpPrevious Next Sheriff CSM™ Event Correlation %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...
r11 - 05 Jun 2022 - 16:46 by SheriffCyberSecurity
EventManagement
UpPrevious Next Sheriff CSM™ Event Management %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...
r14 - 30 Nov 2021 - 20:32 by SheriffCyberSecurity
EventPriority
Event Priority Defines how urgently the event should be investigated. It ranges from 0 to 5.
NEW - 19 Nov 2020 - 00:06 by SheriffCyberSecurity
EventPriorityConditions
UpPrevious Next Event Priority Using Event Priority as a policy condition, you can filter events that are from a server according to how reliable the events are....
EventReliability
Event Reliability Specifies the likelihood that the event is accurate. It ranges from 0 to 10.
NEW - 19 Nov 2020 - 00:04 by SheriffCyberSecurity
EventStorageBestPractices
UpPrevious Next Sheriff CSM™ Event Storage Best Practices Sheriff CSM stores events in a database and refers to as SQL Storage. Sheriff CSM also stores the normal...
r10 - 17 Jun 2022 - 18:50 by SheriffCyberSecurity
F5BIG-IPAPM
UpPrevious Next Sheriff CSM™ F5 BIG IP APM When you configure F5 BIG IP Access Policy Manager (APM, formerly FirePass) to send log data to Sheriff CSM, you can u...
FileIntegrityMonitoring
UpPrevious Next Sheriff CSM™ File Integrity Monitoring You can configure Sheriff HIDS to perform File Integrity Monitoring (FIM), which identifies changes in sys...
r16 - 09 Jun 2022 - 03:45 by SheriffCyberSecurity
FilteringAlarmsInListView
UpPrevious Next Sheriff CSM™ Filtering Alarms in List View Both a high level overview and a detailed look at individual alarm types, the List View lets you filte...
r15 - 17 Jun 2022 - 17:59 by SheriffCyberSecurity
ForeScoutCounterACT
UpPrevious Next Sheriff CSM™ ForeScout CounterACT When you configure ForeScout CounterACT to send log data to Sheriff CSM, you can use the ForeScout CounterACT pl...
r12 - 29 Jun 2022 - 03:19 by SheriffCyberSecurity
FortinetFortiGate
UpPrevious Next Sheriff CSM™ Fortinet FortiGate When you configure Fortinet FortiGate to send log data to Sheriff CSM, you can use the FortiGate plugin to transl...
FreeIPA
UpPrevious Next Sheriff CSM™ FreeIPA When you configure FreeIPA to send log data to Sheriff CSM, you can use the FreeIPA plugin to translate raw log data into no...
GTAFirewall
UpPrevious Next Sheriff CSM™ GTA Firewall When you configure GTA Firewall to send log data to Sheriff CSM, you can use the GTA Firewall plugin to translate raw l...
GlobalProperties
UpPrevious Next Sheriff CSM™ Global Properties Each correlation directive has the following global properties Global properties for correlation directives Prop...
r12 - 29 Jan 2022 - 17:02 by SheriffCyberSecurity
HAProxy
UpPrevious Next Sheriff CSM™ HAProxy When you configure HAProxy to send log data to Sheriff CSM, you can use the plugin full name as appeared in product web UI p...
HPBladeSystemChassis
UpPrevious Next Sheriff CSM™ HP BladeSystem Chassis When you configure HP BladeSystem to send log data to Sheriff CSM, you can use the HP BladeSystem Chassis plu...
HPMSMIntegratedController
UpPrevious Next Sheriff CSM™ HP MSM Integrated Controller When you configure HP MSM Integrated Controller to send log data to Sheriff CSM, you can use the HP MSM...
HighAvailabilityConfiguration
UpPrevious Next Sheriff CSM™ High Availability Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" h...
r12 - 29 Aug 2021 - 20:57 by SheriffCyberSecurity
HowDoIDiscoverAPossiblyLargerAttackInProgress
UpPrevious Next Sheriff CSM™ How Do I Discover a Possibly Larger Attack in Progress? Most day to day security monitoring work involves detecting where security c...
r14 - 06 Jun 2022 - 18:31 by SheriffCyberSecurity
HuaweiIPSModule
UpPrevious Next Sheriff CSM™ Huawei IPS Module When you configure Huawei IPS Module to send log data to Sheriff CSM, you can use the Huawei IPS Module plugin to ...
r10 - 22 Jun 2022 - 18:27 by SheriffCyberSecurity
IDSConfiguration
UpPrevious Next Sheriff CSM™ IDS Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...
r15 - 08 Jun 2022 - 18:20 by SheriffCyberSecurity
ImpervaSecureSphere
UpPrevious Next Sheriff CSM™ Imperva SecureSphere When you configure Imperva SecureSphere to send log data to Sheriff CSM, you can use the Imperva securesphere p...
r17 - 29 Jun 2022 - 17:08 by SheriffCyberSecurity
IncidentResponse
UpPrevious Next Sheriff CSM™ Incident Response %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...
IntroductionToSheriffCSM
UpPrevious Next Sheriff CSM™ Introduction to Sheriff CSM This guide provides information for users of the Sheriff CSM system, that are responsible for monitoring...
r10 - 28 Aug 2021 - 15:47 by SheriffCyberSecurity
JuniperSRX
UpPrevious Next Sheriff CSM™ Juniper SRX When you configure Juniper SRX to send log data to Sheriff CSM, you can use the Juniper SRX plugin to translate raw log ...
KasperskySecurityCenter
UpPrevious Next Sheriff CSM™ Kaspersky Security Center When you configure Kaspersky Security Center to send log data to Sheriff CSM, you can use the kaspersky sc ...
KasperskySecurityCenterDatabase
UpPrevious Next Sheriff CSM™ Kaspersky Security Center DataBase When you configure Kaspersky Security Center to send log data to Sheriff CSM, you can use the Kas...
KerioConnect
UpPrevious Next Sheriff CSM™ Kerio Connect When you configure Kerio Connect to send log data to Sheriff CSM, you can use the plugin full name as appeared in prod...
LOGbinderForSharePoint
UpPrevious Next Sheriff CSM™ LOGbinder for SharePoint When you configure LOGbinder for SharePoint to send log data to Sheriff CSM, you can use the LOGbinder for ...
LimitUserVisibilityWithEntities
UpPrevious Next Sheriff CSM™ Limit User Visibility with Entities %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="...
r13 - 24 Sep 2021 - 19:00 by SheriffCyberSecurity
ListOfSheriffCSMReports
UpPrevious Next Sheriff CSM™ List of Sheriff CSM Reports Sheriff updates the Sheriff CSM reports on an on going basis. The following table lists the reports in a...
LogCollectionAndNormalizationInSheriffCSM
UpPrevious Next Sheriff CSM™ Log Collection and Normalization in Sheriff CSM The Sheriff CSM plugins process data collected from different data sources, parse and...
r11 - 09 Jun 2022 - 18:15 by SheriffCyberSecurity
ManageEngineADAuditPlus
UpPrevious Next Sheriff CSM™ ManageEngine ADAudit Plus When you configure ManageEngine ADAudit Plus to send log data to Sheriff CSM, you can use the ADAudit Plus ...
ManagingTheSheriffCSMEnvironment
UpPrevious Next Sheriff CSM™ Managing the Sheriff CSM Environment In addition to monitoring and analyzing events and alarms, there are other aspects of security ...
r15 - 24 Jan 2022 - 18:59 by SheriffCyberSecurity
McAfeeAntiSpam
UpPrevious Next Sheriff CSM™ McAfee AntiSpam When you configure McAfee AntiSpam to send log data to Sheriff CSM, you can use the McAfee AntiSpam plugin to transla...
McAfeeWebGateway
UpPrevious Next Sheriff CSM™ McAfeeWeb Gateway When you configure McAfeeWeb Gateway to send log data to Sheriff CSM, you can use the McAfeeWeb Gateway (mwg) plug...
MicrosoftATA
UpPrevious Next Sheriff CSM™ Microsoft ATA When you configure Microsoft Advanced Threat Analytics (ATA) to send log data to Sheriff CSM, you can use the Microsoft...
MicrosoftDHCPServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft DHCP Server through NXLog When you configure Microsoft DHCP Server to send log data to Sheriff CSM, you can use the DHCP C...
r10 - 23 Jun 2022 - 18:05 by SheriffCyberSecurity
MicrosoftDNSServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft DNS Server through NXLog When you configure Microsoft DNS Server to send log data to Sheriff CSM, you can use the Microsof...
r12 - 06 Jul 2022 - 19:51 by SheriffCyberSecurity
MicrosoftExchangeServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft Exchange Server through NXLog When you configure Microsoft Exchange Server to send log data to Sheriff CSM, you can use th...
MicrosoftIISFTPServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft IIS FTP Server through NXLog The Microsoft Internet Information Services (IIS) Management Pack includes a FTP Server that ...
r12 - 06 Jul 2022 - 20:17 by SheriffCyberSecurity
MicrosoftIISSMTPServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft IIS SMTP Server through NXLog When you configure Microsoft IIS SMTP Server to send log data to Sheriff CSM, you can use th...
r13 - 29 Jun 2022 - 23:23 by SheriffCyberSecurity
MicrosoftIISThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft IIS through NXLog When you configure Microsoft Internet Information Services (IIS) to send log data to Sheriff CSM, you ca...
r11 - 29 Jun 2022 - 23:16 by SheriffCyberSecurity
MicrosoftNPSThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft NPS through NXLog When you configure Microsoft Network Policy Server (NPS) to send log data to Sheriff CSM, you can use th...
r12 - 29 Jun 2022 - 23:24 by SheriffCyberSecurity
MicrosoftOffice365CloudAppSecurity
UpPrevious Next Sheriff CSM™ Microsoft Office 365 Cloud App Security When you configure Office 365 Cloud App Security (formerly named Office 365 Advanced Security...
r11 - 06 Jul 2022 - 18:44 by SheriffCyberSecurity
MicrosoftSCOMThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft SCOM through NXLog When you configure Microsoft System Center Operations Manager (SCOM) to send log data to Sheriff CSM, y...
MicrosoftSQLServerThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft SQL Server through NXLog When you configure Microsoft SQL Server to send log data to Sheriff CSM, you can use the MSSQL Se...
MicrosoftSysmonThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft Sysmon through NXLog When you configure Microsoft System Monitor (Sysmon) to send log data to Sheriff CSM, you can use the...
r11 - 29 Jun 2022 - 23:36 by SheriffCyberSecurity
MicrosoftWindowsEventLogsThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft Windows Event Logs through NXLog When you configure NXLog to send log data to Sheriff CSM, you can use the Nxlog plugin to...
r11 - 30 Jun 2022 - 03:50 by SheriffCyberSecurity
MicrosoftWindowsFirewallThroughNXLog
UpPrevious Next Sheriff CSM™ Microsoft Windows Firewall through NXLog When you configure Microsoft Windows Firewall to send log data to Sheriff CSM, you can use ...
r14 - 30 Jun 2022 - 04:03 by SheriffCyberSecurity
MigrateYourSheriffCSMDeployment
UpPrevious Next Sheriff CSM™ Migrate Your Sheriff CSM Deployment In some scenarios, such as disaster recovery, upgrades, or platform changes, you may choose to m...
r14 - 01 Jul 2022 - 17:32 by SheriffCyberSecurity
MikroTikRouter
UpPrevious Next Sheriff CSM™ MikroTik Router When you configure MikroTik Router to send log data to Sheriff CSM, you can use the MikroTik Router plugin to transl...
ModifyABuiltInCrossCorrelationRule
UpPrevious Next Sheriff CSM™ Modify a Built in Cross Correlation Rule Similar to correlation directives, you can customize cross correlation rules as well. Import...
ModifyAnExistingPolicy
UpPrevious Next Sheriff CSM™ Modify an Existing Policy You can modify any existing policy as needed. To modify an existing policy 1 From Configuration Threa...
MonitorUserActivities
UpPrevious Next Sheriff CSM™ Monitor User Activities Every Sheriff CSM user, regardless of role, has access to the following information: * My Profile Includ...
MotorolaRFS4000
UpPrevious Next Sheriff CSM™ Motorola RFS 4000 When you configure Motorola RFS 4000 to send log data to Sheriff CSM, you can use the Motorola RFS 4000 plugin to ...
NBSSystemNaxsi
UpPrevious Next Sheriff CSM™ NBS System Naxsi When you configure NBS System Naxsi to send log data to Sheriff CSM, you can use the NBS System Naxsi plugin to tra...
NETGEARSwitch
UpPrevious Next Sheriff CSM™ NETGEAR Switch When you configure NETGEAR Switch to send log data to Sheriff CSM, you can use the NETGEAR Switch plugin to translate ...
NXLogPlugins
UpPrevious Next Sheriff CSM™ NXLog Plugins Microsoft Windows includes different categories of logs (Security, System, or Application event logs) to record importa...
NetFlowEventControls
UpPrevious Next Sheriff CSM™ NetFlow Event Controls You are able to configure Sheriff CSM All In One to create events when anomalous bandwidth usage is detected i...
r10 - 11 Dec 2021 - 18:56 by SheriffCyberSecurity
NetFlowMonitoring
UpPrevious Next Sheriff CSM™ NetFlow Monitoring %TWISTY{ showlink="NetFlow Monitoring" hidelink="NetFlow Monitoring" start="show" showimgleft="" hideimgleft...
r15 - 17 Jun 2022 - 20:37 by SheriffCyberSecurity
NetFlowMonitoringConfiguration
UpPrevious Next Sheriff CSM™ NetFlow Monitoring Configuration Many external NetFlow sources (such as routers and switches) have NetFlow capabilities already defi...
r20 - 25 Apr 2022 - 17:40 by SheriffCyberSecurity
NetMotionMobility
UpPrevious Next Sheriff CSM™ NetMotion Mobility When you configure NetMotion Mobility to send log data to Sheriff CSM, you can use the NetMotion Mobility plugin ...
r10 - 23 Jun 2022 - 18:01 by SheriffCyberSecurity
NetwrixAuditorThroughNXLog
UpPrevious Next Sheriff CSM™ Netwrix Auditor through NXLog When you configure Netwrix Auditor to send log data to Sheriff CSM, you can use the Netwrix Auditor pl...
r10 - 30 Jun 2022 - 17:41 by SheriffCyberSecurity
ObserveITThroughNXLog
UpPrevious Next Sheriff CSM™ ObserveIT through NXLog When you configure ObserveIT to send log data to Sheriff CSM, you can use the ObserveIT NXLog plugin to tran...
r12 - 23 Jun 2022 - 23:56 by SheriffCyberSecurity
OperatingSystemUpgradeInVersion580
UpPrevious Next Sheriff CSM™ Operating System Upgrade in Version 5.8.0 Sheriff CSM version 5.8.0 includes an operating system (OS) upgrade to improve the performa...
r15 - 11 Jun 2022 - 20:12 by SheriffCyberSecurity
OracleJDEdwardsEnterpriseOne
UpPrevious Next Sheriff CSM™ Oracle JD Edwards EnterpriseOne When you configure Oracle JD Edwards EnterpriseOne to send log data to Sheriff CSM, you can use the ...
OracleThroughNXLog
UpPrevious Next Sheriff CSM™ Oracle through NXLog When you configure Oracle Database to send log data to Sheriff CSM, you can use the Oracle NXLog plugin to tran...
r12 - 30 Jun 2022 - 18:04 by SheriffCyberSecurity
OracleWebLogicServer
UpPrevious Next Sheriff CSM™ Oracle WebLogic Server When you configure Oracle WebLogic Server to send log data to Sheriff CSM, you can use the Oracle WebLogic Se...
PCIDSS32Requirement1
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 1: Install and Maintain a Firewall Configuration to Protect Cardholder Data Testing Procedure How Sher...
r13 - 29 Apr 2022 - 18:17 by SheriffCyberSecurity
PCIDSS32Requirement11
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 11: Regularly Test Security Systems and Processes Testing Procedure How Sheriff CSM Delivers Sherif...
PCIDSS32Requirement3
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 3: Protect Stored Cardholder Data Testing Procedure How Sheriff CSM Delivers Sheriff CSM Instructions...
PCIDSS32Requirement4
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 4: Encrypt Transmission of Cardholder Data Across Open, Public Networks Testing Procedure How Sheriff C...
PCIDSS32Requirement5
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 5: Protect All Systems Against Malware and Regularly Update Anti Virus Software or Programs Testing Proc...
r10 - 29 Apr 2022 - 18:46 by SheriffCyberSecurity
PCIDSS32Requirement8
UpPrevious Next Sheriff CSM™ PCI DSS 3.2 Requirement 8: Identify and Authenticate Access to System Components Testing Procedure How Sheriff CSM Delivers S...
PacketFence
UpPrevious Next Sheriff CSM™ PacketFence When you configure PacketFence to send log data to Sheriff CSM, you can use the PacketFence plugin to translate raw log ...
PaloAltoNetworksPANOS
UpPrevious Next Sheriff CSM™ Palo Alto Networks PAN OS When you configure Palo Alto Networks PAN OS to send log data to Sheriff CSM, you can use the Palo Alto Net...
r10 - 24 Jun 2022 - 03:57 by SheriffCyberSecurity
PaloAltoNetworksTraps
UpPrevious Next Sheriff CSM™ Palo Alto Networks Traps When you configure Palo Alto Networks Traps to send log data to Sheriff CSM, you can use the Palo Alto Netw...
r11 - 24 Jun 2022 - 16:49 by SheriffCyberSecurity
PluginFundamentals
UpPrevious Next Sheriff CSM™ Plugin Fundamentals %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=...
r18 - 04 Jul 2022 - 21:48 by SheriffCyberSecurity
PluginManagement
UpPrevious Next Sheriff CSM™ Plugin Management %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...
PluginTypes
UpPrevious Next Sheriff CSM™ Plugin Types The plugins included in Sheriff CSM are called detector plugins. They receive and extract events from logs, which inclu...
PolicyConditions
UpPrevious Next Sheriff CSM™ Policy Conditions Set policy conditions to determine which elements of an incoming event Sheriff CSM will process. You set these con...
PolicyConsequences
UpPrevious Next Sheriff CSM™ Policy Consequences You can configure different consequences when creating or modifying a policy. Policy consequences define the way...
PolicyManagement
UpPrevious Next Sheriff CSM™ Policy Management %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" ...
PolicyOrderAndGrouping
UpPrevious Next Sheriff CSM™ Policy Order and Grouping Policy Order Importance Policies consist of numbered rules that Sheriff CSM applies in descending order wh...
r13 - 23 Sep 2021 - 18:33 by SheriffCyberSecurity
ProFTPD
UpPrevious Next Sheriff CSM™ ProFTPD When you configure ProFTPD to send log data to Sheriff CSM, you can use the ProFTPD plugin to translate raw log data into no...
r10 - 30 Jun 2022 - 18:43 by SheriffCyberSecurity
ProductTypesAndCategories
UpPrevious Next Product Types and Categories Applies to Product: Sheriff CSM™ Sheriff Vigilante® Sheriff event taxonomy consists of product types, categor...
ProofpointProtectionServer
UpPrevious Next Sheriff CSM™ Proofpoint Protection Server When you configure Proofpoint Protection Server to send log data to Sheriff CSM, you can use the Proofp...
PureStoragePurityOperatingEnvironment
UpPrevious Next Sheriff CSM™ Pure Storage Purity Operating Environment When you configure Pure Storage Purity to send log data to Sheriff CSM, you can use the Pu...
RSASecurIDAccessIdentityRouter
UpPrevious Next Sheriff CSM™ RSA SecurID Access Identity Router (IDR) When you configure RSA SecurID Access Identity Router to send log data to Sheriff CSM, you ...
Rapid7Nexpose
UpPrevious Next Sheriff CSM™ Rapid7 Nexpose When you configure Rapid7 Nexpose to send log data to Sheriff CSM, you can use the Rapid7 Nexpose plugin to translate...
RedHatJBossMiddleware
UpPrevious Next Sheriff CSM™ Red Hat JBoss Middleware When you configure Red Hat JBoss Middleware to send log data to Sheriff CSM, you can use the Red Hat JBoss ...
ReputationConditions
UpPrevious Next Reputation Using Open Threat Exchange Reputation data as a policy condition, you can filter events from either the source or destination IP addre...
ReviewEventDetails
UpPrevious Next Sheriff CSM™ Review Event Details Event Details identifies all information Sheriff CSM collected about this event. It also displays the number of ...
r15 - 07 Mar 2022 - 02:15 by SheriffCyberSecurity
ReviewSecurityEvents
UpPrevious Next Sheriff CSM™ Review Security Events %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimglef...
r31 - 25 Apr 2022 - 17:12 by SheriffCyberSecurity
ReviewingAlarmsAsAGroup
UpPrevious Next Sheriff CSM™ Reviewing Alarms as a Group This task helps you sort alarms in bulk as a group when you have many alarms that are similar. You can a...
r12 - 25 Apr 2022 - 16:42 by SheriffCyberSecurity
ReviewingAlarmsAsAList
UpPrevious Next Sheriff CSM™ Reviewing Alarms as a List %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hidei...
r15 - 03 Jun 2022 - 18:26 by SheriffCyberSecurity
STEALTHbitsStealthINTERCEPT
UpPrevious Next Sheriff CSM™ STEALTHbits StealthINTERCEPT When you configure STEALTHbits StealthINTERCEPT to send log data to Sheriff CSM, you can use the Stealth...
SearchingForAssets
UpPrevious Next Sheriff CSM™ Searching for Assets You can either search for or filter your assets by simply typing what you are looking for in the search box, in ...
r14 - 25 Jan 2022 - 19:15 by SheriffCyberSecurity
SecureAuth
UpPrevious Next Sheriff CSM™ SecureAuth When you configure SecureAuth to send log data to Sheriff CSM, you can use the SecureAuth plugin to translate raw log dat...
SecurityEventsViews
UpPrevious Next Sheriff CSM™ Security Events Views The Security Events (SIEM) page, under Analysis Security Events (SIEM), consists of two views: SIEM View and...
r22 - 03 Jun 2022 - 20:08 by SheriffCyberSecurity
SentinelOne
UpPrevious Next Sheriff CSM™ SentinelOne When you configure SentinelOne to send log data to Sheriff CSM, you can use the SentinelOne plugin to translate raw log d...
SetUpPasswordPolicyForLocalUserAuthentication
UpPrevious Next Sheriff CSM™ Set Up Password Policy for Local User Authentication If you decide to use authentication occurring locally in Sheriff CSM, Sheriff Cy...
SheriffCSMAdministrationAndConfiguration
UpPrevious Next Sheriff CSM™ Sheriff CSM Administration and Configuration During the course of using Sheriff CSM to manage and maintain network security in your ...
r12 - 24 Jan 2022 - 17:45 by SheriffCyberSecurity
SheriffCSMDashboards
UpPrevious Next Sheriff CSM™ Sheriff CSM Dashboards %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimglef...
r17 - 10 Nov 2021 - 18:45 by SheriffCyberSecurity
SheriffCSMDeploymentTypes
UpPrevious Next Sheriff CSM™ Sheriff CSM Deployment Types This section introduces the various Sheriff CSM components and explains the different deployment types....
r37 - 08 Jun 2022 - 01:07 by SheriffCyberSecurity
SheriffCSMDeployments
UpPrevious Next Sheriff CSM™ Sheriff CSM Deployments %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgl...
r16 - 20 Jun 2022 - 17:53 by SheriffCyberSecurity
SheriffCSMEventProcessingWorkflow
UpPrevious Next Sheriff CSM™ Sheriff CSM Event Processing Workflow After Sheriff CSM is installed in your environment, events start flowing through the Sheriff ...
SheriffCSMEventProcessingWorkflowEM
UpPrevious Next Sheriff CSM™ Sheriff CSM Event Processing Workflow After Sheriff CSM is installed in your environment, events start flowing through the Sheriff C...
SheriffCSMEventTaxonomy
UpPrevious Next Sheriff CSM™ Sheriff CSM Event Taxonomy Sheriff event taxonomy is a classification system for security events. It provides the Sheriff CSM correla...
r15 - 02 Dec 2021 - 19:48 by SheriffCyberSecurity
SheriffCSMNetworkSecurityBestPractices
UpPrevious Next Sheriff CSM™ Sheriff CSM Network Security Best Practices Providing strong and effective security for an organization’s network, IT infrastructure,...
SheriffCSMNetworkSecurityConceptsAndTerminology
UpPrevious Next Sheriff CSM™ Sheriff CSM Network Security Concepts and Terminology When working with Sheriff CSM and using the Sheriff CSM web UI to perform netw...
r10 - 16 Jun 2022 - 18:39 by SheriffCyberSecurity
SheriffCSMReports
UpPrevious Next Sheriff CSM™ Sheriff CSM Reports %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=...
r12 - 18 Jun 2022 - 18:58 by SheriffCyberSecurity
SheriffCSMSecurityMonitoringAndAnalysis
UpPrevious Next Sheriff CSM™ Sheriff CSM Security Monitoring and Analysis This section provides an overview of Sheriff CSM web UI main menu and submenu options an...
SheriffCSMUpdates
UpPrevious Next Sheriff CSM™ Sheriff CSM Updates %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=...
r20 - 11 Jun 2022 - 18:58 by SheriffCyberSecurity
SheriffHIDS
UpPrevious Next Sheriff CSM™ Sheriff HIDS %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" }% ...
r13 - 08 Jun 2022 - 18:26 by SheriffCyberSecurity
SheriffNIDS
UpPrevious Next Sheriff CSM™ Sheriff NIDS %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" }% ...
r12 - 16 Sep 2021 - 04:00 by SheriffCyberSecurity
SheriffNIDSDefinition
Sheriff NIDS A Sheriff CSM feature and data source for intrusion detection that monitors network traffic and attacks malicious events. In conjunction with event c...
NEW - 14 Jan 2021 - 17:08 by SheriffCyberSecurity
SheriffVigilanteInstallationProcess
UpPrevious Next Sheriff CSM™ Sheriff Vigilante® Installation Process Download Sheriff Vigilante The free, open source Sheriff Vigilante® ISO file can be found o...
r23 - 08 Jun 2022 - 03:04 by SheriffCyberSecurity
SheriffVigilanteReportType
UpPrevious Next Sheriff CSM™ Sheriff Vigilante Report Types Sheriff Vigilante Reports Sheriff Vigilante provides a set of simplified versions of the reports fou...
r13 - 07 Jun 2022 - 03:21 by SheriffCyberSecurity
ShorewallFirewall
UpPrevious Next Sheriff CSM™ Shorewall Firewall When you configure Shorewall Firewall to send log data to Sheriff CSM, you can use the Sharewall Firewall plugin ...
r10 - 24 Jun 2022 - 18:29 by SheriffCyberSecurity
SophosAntivirus
UpPrevious Next Sheriff CSM™ Sophos Antivirus When you configure Sophos Antivirus to send log data to Sheriff CSM, you can use the Sophos Antivirus plugin to tra...
SophosCentral
UpPrevious Next Sheriff CSM™ Sophos Central When you configure Sophos Central to send log data to Sheriff CSM, you can use the sophos central plugin to translate ...
SophosEnterpriseConsoleThroughNXLog
UpPrevious Next Sheriff CSM™ Sophos Enterprise Console through NXLog When you configure Sophos Enterprise Console (SEC) to send log data to Sheriff CSM, you can ...
r11 - 30 Jun 2022 - 18:10 by SheriffCyberSecurity
SophosXGFirewall
UpPrevious Next Sheriff CSM™ Sophos XG Firewall When you configure Sophos XG Firewall to send log data to Sheriff CSM, you can use the Sophos XG plugin to transla...
r10 - 24 Jun 2022 - 18:54 by SheriffCyberSecurity
SymantecATP
UpPrevious Next Sheriff CSM™ Symantec ATP When you configure Symantec ATP to send log data to Sheriff CSM, you can use the Symantec atp plugin to translate raw lo...
SymantecEPM
UpPrevious Next Sheriff CSM™ Symantec EPM When you configure Symantec EPM to send log data to Sheriff CSM, you can use the Symantec EPM plugin to translate raw l...
r10 - 30 Jun 2022 - 21:59 by SheriffCyberSecurity
TakingOwnershipOfAnAlarm
UpPrevious Next Sheriff CSM™ Taking Ownership of an Alarm As part of an alarm remediation response, you should take ownership of an alarm you want to work on. Th...
Task3AddALevel2RuleToDetectTheSameEventWith100Occurrences
UpPrevious Next Task 3: Add a Level 2 Rule to Detect the Same Event with 100 Occurrences In this task, we try to match the same events selected in Task 2. We wan...
Test
Examine Alarms and Security Events In this procedure, we describe the first and most straightforward method of investigating the trigger for a specific alarm. To ...
ThePolicyView
UpPrevious Next Sheriff CSM™ The Policy View %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft="" }...
TheSheriffCSMWebUserInterface
UpPrevious Next Sheriff CSM™ The Sheriff CSM Web User Interface The Sheriff CSM web user interface (or web UI) provides access to all the tools and capabilities ...
ThycoticSoftwareSecretServer
UpPrevious Next Sheriff CSM™ Thycotic Software Secret Server When you configure Thycotic Software Secret Server to send log data to Sheriff CSM, you can use the T...
TicketManagement
UpPrevious Next Sheriff CSM™ Ticket Management %TWISTY{ showlink="Ticket Management" hidelink="Ticket Management" start="show" showimgleft="" hideimgleft="" ...
TimeRangeConditions
UpPrevious Next Time Range Time Range sets a period of time in which to match events. When configured, only events that occur during the specified time range are...
TrendMicroDeepSecurity
UpPrevious Next Sheriff CSM™ Trend Micro Deep Security When you configure Trend Micro Deep Security to send log data to Sheriff CSM, you can use the Trend Micro ...
TrendMicroDeepSecurityInspector
UpPrevious Next Sheriff CSM™ Trend Micro Deep Security Inspector When you configure Trend Micro Deep Security Inspector to send log data to Sheriff CSM, you can ...
TrendMicroVulnerabilityProtection
UpPrevious Next Sheriff CSM™ Trend Micro Vulnerability Protection When you configure Trend Micro Vulnerability Protection to send log data to Sheriff CSM, you can...
TufinOrchestrationSuite
UpPrevious Next Sheriff CSM™ Tufin Orchestration Suite When you configure Tufin Orchestration Suite to send log data to Sheriff Appliance, you can use the Tufin O...
TutorialCreateANewDirectiveToDetectDoSAttack
UpPrevious Next Sheriff CSM™ Tutorial: Create a New Directive to Detect DoS Attack Sometimes, you may find that none of the built in directives work in your envir...
r18 - 05 Jun 2022 - 17:12 by SheriffCyberSecurity
TutorialCreateAPluginForMicrosoftExchange
UpPrevious Next Sheriff CSM™ Tutorial: Create a Plugin for Microsoft Exchange In this tutorial, we use Microsoft Exchange to show how to develop a log plugin. The...
TutorialCreateAPolicyToDiscardEvents
UpPrevious Next Sheriff CSM™ Tutorial: Create a Policy to Discard Events As part of your efforts to reduce the amount of events triggered by non problematic, non...
r12 - 31 Dec 2021 - 19:55 by SheriffCyberSecurity
TutorialCreateAPolicyToSendEmailsForAccountLockoutEvents
UpPrevious Next Sheriff CSM™ Tutorial: Create a Policy to Send Emails for Account Lockout Events You can also use the send an email policy for things such as acco...
r29 - 26 Apr 2022 - 17:20 by SheriffCyberSecurity
TutorialCreateAPolicyToSendEmailsTriggeredByEvents
UpPrevious Next Sheriff CSM™ Tutorial: Create a Policy to Send Emails Triggered by Events For certain important events, you may want a notification to be sent to...
r22 - 18 Jun 2022 - 17:46 by SheriffCyberSecurity
TutorialModifyingABuiltInDirective
UpPrevious Next Sheriff CSM™ Tutorial: Modifying a Built In Directive Sheriff CSM comes with over 4,500 built in directives, written by the researchers in the AT...
USBDeviceMonitoringOnWindowsSystems
UpPrevious Next Sheriff CSM™ USB Device Monitoring on Windows Systems In Sheriff CSM version 5.3, Host Intrusion Detection System (HIDS) rules and plugins have b...
r11 - 20 Jun 2022 - 19:09 by SheriffCyberSecurity
UbiquitiTOUGHSwitchPoE
UpPrevious Next Sheriff CSM™ Ubiquiti TOUGHSwitch PoE When you configure Ubiquiti TOUGHSwitch PoE to send log data to Sheriff CSM, you can use the Ubiquiti TOUGH...
UntangleNGFirewall
UpPrevious Next Sheriff CSM™ Untangle NG Firewall When you configure Untangle NG Firewall to send log data to Sheriff CSM, you can use the Untangle NG Firewall p...
UpdateSheriffCSMOffline
UpPrevious Next Sheriff CSM™ Update Sheriff CSM Offline %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideim...
r12 - 12 Jun 2022 - 18:06 by SheriffCyberSecurity
UpdateSheriffCSMOnline
UpPrevious Next Sheriff CSM™ Update Sheriff CSM Online You need to update Sheriff CSM manually after a release becomes available. You can perform the update eithe...
r14 - 13 Apr 2022 - 17:26 by SheriffCyberSecurity
UpdatingTheSIEMDatabase
UpPrevious Next Updating the SIEM Database Sheriff CSM must store all the plugin IDs and event types in its database before it can store any events. For this rea...
UsingOTXInSheriffCSM
UpPrevious Next Sheriff CSM™ Using OTX in Sheriff CSM When you sign up for and connect your Open Threat Exchange® (OTX™) account to your Sheriff CSM instance, it...
r11 - 14 Jan 2022 - 20:33 by SheriffCyberSecurity
VMwareESXi
UpPrevious Next Sheriff CSM™ VMware ESXi When you configure VMware ESXi to send log data to Sheriff CSM, you can use the VMware ESXi plugin to translate raw log ...
VMwareSSO
UpPrevious Next Sheriff CSM™ VMware SSO When you configure VMware vCenter SSO to send log data to Sheriff CSM, you can use the VMware SSO plugin to translate raw...
VMwareVCenter
UpPrevious Next Sheriff CSM™ VMware vCenter When you configure VMware vCenter to send log data to Sheriff CSM, you can use the VMware vCenter plugin to translate...
VMwareViewAdministrator
UpPrevious Next Sheriff CSM™ VMware View Administrator When you configure VMware View Administrator to send log data to Sheriff CSM, you can use the VMware View ...
VaronisDatAdvantage
UpPrevious Next Sheriff CSM™ Varonis DatAdvantage When you configure Varonis DatAdvantage to send log data to Sheriff CSM, you can use the Varonis DatAdvantage p...
VerifyThatAnEnabledPluginIsWorkingProperly
UpPrevious Next Sheriff CSM™ Verify that an Enabled Plugin Is Working Properly It's good practice to test whether or not a plugin is working correctly, after you...
r11 - 29 Mar 2022 - 18:03 by SheriffCyberSecurity
VerifyingSheriffCSMOperation
UpPrevious Next Sheriff CSM™ Verifying Sheriff CSM Operation Once the basic installation and configuration of your Sheriff CSM system is completed (as described i...
r12 - 09 Nov 2021 - 18:40 by SheriffCyberSecurity
ViewingAssetDetails
UpPrevious Next Sheriff CSM™ Viewing Asset Details To view asset details from the Asset List view, double click a specific asset or click the magnifying glass () ...
r13 - 03 Jun 2022 - 18:06 by SheriffCyberSecurity
ViewingSheriffNIDSEvents
UpPrevious Next Sheriff CSM™ Viewing Sheriff NIDS Events You can view Sheriff NIDS events the same way as you do any other security events. For reference, see Se...
ViewingTheScanResults
Viewing the Scan Results This section covers the following subtopics: * Vulnerabilities Views * Viewing the Scan Results in HTML * Viewing the Scan Resul...
WatchguardXCS
UpPrevious Next Sheriff CSM™ WatchGuard XCS When you configure WatchGuard XCS to send log data to Sheriff CSM, you can use the WatchGuard XCS plugin to translate ...
WatchguardXTM
UpPrevious Next Sheriff CSM™ Watchguard XTM When you configure Watchguard XTM to send log data to Sheriff Appliance, you can use the Watchguard XTM plugin to tra...
WebsenseWebSecurity7
UpPrevious Next Sheriff CSM™ Websense Web Security 7 When you configure Websense Web Security 7 to send log data to Sheriff CSM, you can use the websense7 plugin ...
WingFTPServerThroughNXLog
UpPrevious Next Sheriff CSM™ Wing FTP Server through NXLog When you configure Wing FTP Server to send log data to Sheriff CSM, you can use the Wing FTP Server pl...
r12 - 30 Jun 2022 - 18:16 by SheriffCyberSecurity
WorkingWithSheriffHIDSRules
UpPrevious Next Sheriff CSM™ Working with Sheriff HIDS Rules Sheriff HIDS expands from the open source project, OSSEC, by providing additional rules that are esse...
r20 - 03 Oct 2021 - 02:42 by SheriffCyberSecurity
ZScalerNSS
UpPrevious Next Sheriff CSM™ zScaler NSS When you configure zScaler Nanalog Streaming Service (NSS) to send log data to Sheriff CSM, you can use the zScaler NSS ...
Number of topics: 261
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.