UpPrevious Next Sheriff CSM™ Back Up and Restore Alarms By default, Sheriff CSM stores alarms in the database until you delete them manually. To save disk space,...
UpPrevious Next Sheriff CSM™ Back Up and Restore Alarms By default, Sheriff CSM stores alarms in the database until you delete them manually. To save disk space,...
UpPrevious Next Sheriff CSM™ Back Up and Restore MongoDB MongoDB is a cross platform and open source document oriented database, a kind of NoSQL database. As a No...
UpPrevious Next Sheriff CSM™ Back Up and Restore NetFlow Data NetFlow is a protocol designed and published by Cisco Systems that has become the accepted industry ...
UpPrevious Next Sheriff CSM™ Back Up and Restore System Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgl...
UpPrevious Next Sheriff CSM™ Change the Default Time Zone The default time zone for Sheriff CSM is Pacific Time (UTC 7h). If you are not operating in that time z...
UpPrevious Next Sheriff CSM™ Clear All Events from the SIEM Database Sheriff CSM backs up events every day and purges them after a threshold (Event Backup Config...
UpPrevious Next Sheriff CSM™ Configure a Hostname for Sheriff CSM You should always configure a hostname for Sheriff CSM. This helps you identify each one unique...
UpPrevious Next Sheriff CSM™ Configure Custom HTTPS Certificates in Sheriff CSM You can secure Sheriff CSM by providing your own SSL certificates from a Certific...
UpPrevious Next Sheriff CSM™ Configure Database Plugins Database plugins extract data from an external database and turn them into Events. Sheriff CSM supports M...
UpPrevious Next Sheriff CSM™ Configure Network Interfaces Sheriff CSM All in One comes with six network interfaces, numbered eth0 to eth5. Sheriff CSM uses these ...
UpPrevious Next Sheriff CSM™ Configure Plugins Most of the plugins in Sheriff CSM do not require additional configuration after they are enabled, especially if y...
UpPrevious Next Sheriff CSM™ Configure SDEE Plugins Cisco Systems IPS Sensor 5.0 uses the Security Device Event Exchange (SDEE) protocol to specify the format of...
UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Recognize Your Local Keyboard Follow this procedure if your keyboard does not use a United States key layou...
UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Use a DNS Use of a Domain Name Service (DNS) helps Sheriff CSM to resolve host names against IP addresses. ...
UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Use a Proxy By default, Sheriff CSM does not need to go through any proxy server, so proxy configuration is...
UpPrevious Next Sheriff CSM™ Configure Synchronization with an NTP Server Use of an NTP server in your network helps ensure that all system components are correc...
UpPrevious Next Sheriff CSM™ Configure the Search Domain For DNS (Domain Name System) lookup and reverse DNS resolution to work correctly, Sheriff CSM requires th...
UpPrevious Next Sheriff CSM™ Configure the Sheriff CSM Sensor (Deputy) after Deployment You'll want to set up and configure the Sheriff CSM Server first. If you ...
UpPrevious Next Sheriff CSM™ Configure WMI Plugins Windows Management Instrumentation (WMI) plugins collect Microsoft Windows events and data remotely. These plu...
UpPrevious Next Sheriff CSM™ Configuring High Availability for Sheriff CSM Standard Sensors (Deputies) This process has three tasks you perform in the following ...
UpPrevious Next Sheriff CSM™ Configuring Network Interfaces Applies to Product: Sheriff CSM™ Sheriff Vigilante® A Sheriff CSM All in One comes with six n...
UpPrevious Next Sheriff CSM™ Configuring Network Interfaces A Sheriff CSM All in One comes with six network interfaces, numbered eth0 to eth5. Sheriff CSM uses t...
UpPrevious Next Sheriff CSM™ Configuring Sheriff NIDS Sheriff CSM comes with Sheriff NIDS already enabled, but you need to perform the steps below in order to mo...
UpPrevious Next Sheriff CSM™ Create New Plugins Using the Plugin Builder In addition to the other methods described for customizing or creating new Sheriff CSM p...
UpPrevious Next Sheriff CSM™ Customize Sheriff NIDS Rules Occasionally you may want to customize the Sheriff NIDS rules or enable a rule that is disabled by defa...
UpPrevious Next Sheriff CSM™ Deploy Sheriff CSM in VMware Sheriff offers Sheriff CSM for VMware in a Open Virtual Appliance (OVA) package, which is a tar archive ...
UpPrevious Next Sheriff CSM™ Disabling a VPN Configuration When you disable a VPN tunnel, it does not remove the configuration files and system generated certific...
UpPrevious Next Sheriff CSM™ Disabling High Availability About Disabling HA in Network Nodes You must disable HA components in the following order: Sheriff CS...
UpPrevious Next Sheriff CSM™ Enable Plugins Sheriff provides more than one way to enable plugins in Sheriff CSM. First, you can enable plugins on specific discov...
UpPrevious Next Sheriff CSM™ Enable Plugins from the Sensor (Deputy) Configuration You can enable up to 100 plugins on a Sheriff CSM Sensor from the Sheriff CSM w...
UpPrevious Next Sheriff CSM™ Example: Configuring High Availability for Sheriff CSM Standard Servers This topic provides an example of how to configure two Sheri...
UpPrevious Next Sheriff CSM™ Kaspersky Security Center DataBase When you configure Kaspersky Security Center to send log data to Sheriff CSM, you can use the Kas...
UpPrevious Next Sheriff CSM™ Locate the Sheriff License and System ID When contacting Sheriff Technical Support, you are often asked to provide the Sheriff licen...
UpPrevious Next Sheriff CSM™ Migrate Your Sheriff CSM Deployment In some scenarios, such as disaster recovery, upgrades, or platform changes, you may choose to m...
UpPrevious Next Sheriff CSM™ NetFlow Troubleshooting If flow data from various NetFlow sources does not appear after a reasonable amount of time, you need to vali...
UpPrevious Next Sheriff CSM™ Operating System Upgrade in Version 5.8.0 Sheriff CSM version 5.8.0 includes an operating system (OS) upgrade to improve the performa...
UpPrevious Next Sheriff CSM™ Purge Old System Logs You should delete Sheriff CSM system logs and/or old event logs on a regular basis, otherwise the appliance ma...
UpPrevious Next Sheriff CSM™ Register Sheriff CSM You can register Sheriff CSM in one of three ways %TWISTY{ showlink="Registering Sheriff CSM through the Web UI...
UpPrevious Next Sheriff CSM™ Remote Support The Remote Support feature in Sheriff CSM opens a secure, encrypted connection to the Sheriff Support Server through t...
UpPrevious Next Sheriff CSM™ Reset Password for User Accounts Sheriff CSM has specific procedures and permissions for resetting passwords for different user accou...
UpPrevious Next Sheriff CSM™ System Maintenance and Remote Support Sheriff CSM uses the Message Center to centralize all in system errors, warnings, and messages...
UpPrevious Next Sheriff CSM™ Unauthorized Modification of Sheriff CSM Can Lead to Instability Sheriff CSM are built to provide customers with an easy to use solu...
UpPrevious Next Sheriff CSM™ Update Your Sheriff License Key Occasionally, you may need to replace the Sheriff license key in your Sheriff CSM instance. For exam...
UpPrevious Next Sheriff CSM™ Updating Sheriff NIDS Rules and Signatures The AT T Alien Labs™ Security Research Team provides threat intelligence updates, such as ...
UpPrevious Next Sheriff CSM™ Upgrading a Sheriff CSM Deployment Configured for High Availability Prerequisites To upgrade Sheriff CSM to a new version, you must...
UpPrevious Next Sheriff CSM™ Verify that an Enabled Plugin Is Working Properly It's good practice to test whether or not a plugin is working correctly, after you...