UpPrevious Next Sheriff CSM™ Back Up and Restore Alarms By default, Sheriff CSM stores alarms in the database until you delete them manually. To save disk space,...

UpPrevious Next Sheriff CSM™ Back Up and Restore Alarms By default, Sheriff CSM stores alarms in the database until you delete them manually. To save disk space,...

UpPrevious Next Sheriff CSM™ Back Up and Restore MongoDB MongoDB is a cross platform and open source document oriented database, a kind of NoSQL database. As a No...

UpPrevious Next Sheriff CSM™ Back Up and Restore NetFlow Data NetFlow is a protocol designed and published by Cisco Systems that has become the accepted industry ...

UpPrevious Next Sheriff CSM™ Back Up and Restore System Configuration %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgl...

UpPrevious Next Sheriff CSM™ Change the Default Time Zone The default time zone for Sheriff CSM is Pacific Time (UTC 7h). If you are not operating in that time z...

UpPrevious Next Sheriff CSM™ Clear All Events from the SIEM Database Sheriff CSM backs up events every day and purges them after a threshold (Event Backup Config...

UpPrevious Next Sheriff CSM™ Configure a Hostname for Sheriff CSM You should always configure a hostname for Sheriff CSM. This helps you identify each one unique...

UpPrevious Next Sheriff CSM™ Configure Custom HTTPS Certificates in Sheriff CSM You can secure Sheriff CSM by providing your own SSL certificates from a Certific...

UpPrevious Next Sheriff CSM™ Configure Database Plugins Database plugins extract data from an external database and turn them into Events. Sheriff CSM supports M...

UpPrevious Next Sheriff CSM™ Configure Network Interfaces Sheriff CSM All in One comes with six network interfaces, numbered eth0 to eth5. Sheriff CSM uses these ...

UpPrevious Next Sheriff CSM™ Configure Plugins Most of the plugins in Sheriff CSM do not require additional configuration after they are enabled, especially if y...

UpPrevious Next Sheriff CSM™ Configure SDEE Plugins Cisco Systems IPS Sensor 5.0 uses the Security Device Event Exchange (SDEE) protocol to specify the format of...

UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Recognize Your Local Keyboard Follow this procedure if your keyboard does not use a United States key layou...

UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Use a DNS Use of a Domain Name Service (DNS) helps Sheriff CSM to resolve host names against IP addresses. ...

UpPrevious Next Sheriff CSM™ Configure Sheriff CSM to Use a Proxy By default, Sheriff CSM does not need to go through any proxy server, so proxy configuration is...

UpPrevious Next Sheriff CSM™ Configure Synchronization with an NTP Server Use of an NTP server in your network helps ensure that all system components are correc...

UpPrevious Next Sheriff CSM™ Configure the Search Domain For DNS (Domain Name System) lookup and reverse DNS resolution to work correctly, Sheriff CSM requires th...

UpPrevious Next Sheriff CSM™ Configure the Sheriff CSM Sensor (Deputy) after Deployment You'll want to set up and configure the Sheriff CSM Server first. If you ...

UpPrevious Next Sheriff CSM™ Configure WMI Plugins Windows Management Instrumentation (WMI) plugins collect Microsoft Windows events and data remotely. These plu...

UpPrevious Next Sheriff CSM™ Configuring High Availability for Sheriff CSM Standard Sensors (Deputies) This process has three tasks you perform in the following ...

UpPrevious Next Sheriff CSM™ Configuring Network Interfaces Applies to Product: Sheriff CSM™ Sheriff Vigilante® A Sheriff CSM All in One comes with six n...

UpPrevious Next Sheriff CSM™ Configuring Network Interfaces A Sheriff CSM All in One comes with six network interfaces, numbered eth0 to eth5. Sheriff CSM uses t...

UpPrevious Next Sheriff CSM™ Configuring Sheriff NIDS Sheriff CSM comes with Sheriff NIDS already enabled, but you need to perform the steps below in order to mo...

UpPrevious Next Sheriff CSM™ Create New Plugins Using the Plugin Builder In addition to the other methods described for customizing or creating new Sheriff CSM p...

UpPrevious Next Sheriff CSM™ Customize Sheriff NIDS Rules Occasionally you may want to customize the Sheriff NIDS rules or enable a rule that is disabled by defa...

UpPrevious Next Sheriff CSM™ Deploy Sheriff CSM in VMware Sheriff offers Sheriff CSM for VMware in a Open Virtual Appliance (OVA) package, which is a tar archive ...

UpPrevious Next Sheriff CSM™ Disabling a VPN Configuration When you disable a VPN tunnel, it does not remove the configuration files and system generated certific...

UpPrevious Next Sheriff CSM™ Disabling High Availability About Disabling HA in Network Nodes You must disable HA components in the following order: Sheriff CS...

UpPrevious Next Sheriff CSM™ Enable Plugins Sheriff provides more than one way to enable plugins in Sheriff CSM. First, you can enable plugins on specific discov...

UpPrevious Next Sheriff CSM™ Enable Plugins from the Sensor (Deputy) Configuration You can enable up to 100 plugins on a Sheriff CSM Sensor from the Sheriff CSM w...

UpPrevious Next Sheriff CSM™ Example: Configuring High Availability for Sheriff CSM Standard Servers This topic provides an example of how to configure two Sheri...

UpPrevious Next Sheriff CSM™ Kaspersky Security Center DataBase When you configure Kaspersky Security Center to send log data to Sheriff CSM, you can use the Kas...

UpPrevious Next Sheriff CSM™ Locate the Sheriff License and System ID When contacting Sheriff Technical Support, you are often asked to provide the Sheriff licen...

UpPrevious Next Sheriff CSM™ Migrate Your Sheriff CSM Deployment In some scenarios, such as disaster recovery, upgrades, or platform changes, you may choose to m...

UpPrevious Next Sheriff CSM™ NetFlow Troubleshooting If flow data from various NetFlow sources does not appear after a reasonable amount of time, you need to vali...

UpPrevious Next Sheriff CSM™ Operating System Upgrade in Version 5.8.0 Sheriff CSM version 5.8.0 includes an operating system (OS) upgrade to improve the performa...

UpPrevious Next Sheriff CSM™ Plugin Fundamentals %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=...

UpPrevious Next Sheriff CSM™ Plugin Management %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideimgleft=""...

UpPrevious Next Sheriff CSM™ Purge Old System Logs You should delete Sheriff CSM system logs and/or old event logs on a regular basis, otherwise the appliance ma...

UpPrevious Next Sheriff CSM™ Register Sheriff CSM You can register Sheriff CSM in one of three ways %TWISTY{ showlink="Registering Sheriff CSM through the Web UI...

UpPrevious Next Sheriff CSM™ Remote Support The Remote Support feature in Sheriff CSM opens a secure, encrypted connection to the Sheriff Support Server through t...

UpPrevious Next Sheriff CSM™ Reset Password for User Accounts Sheriff CSM has specific procedures and permissions for resetting passwords for different user accou...

UpPrevious Next Sheriff CSM™ Sheriff CSM Initial Setup %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideim...

Sheriff Console SSH management interface used to perform setup and configuration tasks for Sheriff CSM with options from the Sheriff Setup menu.

UpPrevious Next Sheriff CSM™ System Maintenance and Remote Support Sheriff CSM uses the Message Center to centralize all in system errors, warnings, and messages...

UpPrevious Next Sheriff CSM™ Unauthorized Modification of Sheriff CSM Can Lead to Instability Sheriff CSM are built to provide customers with an easy to use solu...

UpPrevious Next Sheriff CSM™ Update Sheriff CSM Offline %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hideim...

UpPrevious Next Sheriff CSM™ Update Your Sheriff License Key Occasionally, you may need to replace the Sheriff license key in your Sheriff CSM instance. For exam...

UpPrevious Next Sheriff CSM™ Updating Sheriff NIDS Rules and Signatures The AT T Alien Labs™ Security Research Team provides threat intelligence updates, such as ...

UpPrevious Next Sheriff CSM™ Upgrading a Sheriff CSM Deployment Configured for High Availability Prerequisites To upgrade Sheriff CSM to a new version, you must...

UpPrevious Next Sheriff CSM™ Verify that an Enabled Plugin Is Working Properly It's good practice to test whether or not a plugin is working correctly, after you...