Sheriff CSM™ Palo Alto Networks PAN-OS When you configure Palo Alto Networks PAN-OS to send log data to Sheriff CSM, you can use the Palo Alto Net...
Oracle WebLogic Server When you configure Oracle WebLogic Server to send log data to Sheriff CSM, you can use the Oracle WebLogic Se...
Oracle JD Edwards EnterpriseOne When you configure Oracle JD Edwards EnterpriseOne to send log data to Sheriff CSM, you can use the ...
ObserveIT through NXLog When you configure ObserveIT to send log data to Sheriff CSM, you can use the ObserveIT NXLog plugin to tran...
Microsoft Exchange Server through NXLog When you configure Microsoft Exchange Server to send log data to Sheriff CSM, you can use th...
Microsoft DHCP Server through NXLog When you configure Microsoft DHCP Server to send log data to Sheriff CSM, you can use the DHCP C...
NetMotion Mobility When you configure NetMotion Mobility to send log data to Sheriff CSM, you can use the NetMotion Mobility plugin ...
Motorola RFS 4000 When you configure Motorola RFS 4000 to send log data to Sheriff CSM, you can use the Motorola RFS 4000 plugin to ...
Microsoft ATA When you configure Microsoft Advanced Threat Analytics (ATA) to send log data to Sheriff CSM, you can use the Microsoft...
ManageEngine ADAudit Plus When you configure ManageEngine ADAudit Plus to send log data to Sheriff CSM, you can use the ADAudit Plus ...
LOGbinder for SharePoint When you configure LOGbinder for SharePoint to send log data to Sheriff CSM, you can use the LOGbinder for ...
Huawei IPS Module When you configure Huawei IPS Module to send log data to Sheriff CSM, you can use the Huawei IPS Module plugin to ...
FreeIPA When you configure FreeIPA to send log data to Sheriff CSM, you can use the FreeIPA plugin to translate raw log data into no...
F5 BIG-IP APM When you configure F5 BIG-IP Access Policy Manager (APM, formerly FirePass) to send log data to Sheriff CSM, you can u...
D-Link UTM Firewall When you configure D-Link UTM Firewall to send log data to Sheriff CSM, you can use the D-Link UTM Firewall plugi...
Click Studios Passwordstate When you configure Click Studios Passwordstate to send log data to Sheriff CSM, you can use the Passwords...
Plugin Updates Sheriff CSM notifies users when there is an update to the existing plugins, accessible from the Sheriff CSM Message Ce...
Configuring High Availability in Sheriff CSM Enterprise Systems Unlike the Sheriff CSM Standard Server topology, the Sheriff CSM Ent...
Configure a VPN Between Sheriff CSM Systems To set up a VPN between two Sheriff CSM components, for example, between a Sheriff CSM Al...
Updating Sheriff NIDS Rules and Signatures The AT&T Alien Labs™ Security Research Team provides threat intelligence updates, such as ...
USB Device Monitoring on Windows Systems In Sheriff CSM version 5.3, Host Intrusion Detection System (HIDS) rules and plugins have b...
Connecting to AlienVault Open Threat Exchange® AlienVault Open Threat Exchange® (OTX™) is an open information sharing and analysis net...
Discovering Assets in Your Network Understanding what is in your environment is a critical step towards identifying threats and vuln...
Getting Started Wizard
About Sheriff CSM
Tutorial: Create a Policy to Send Emails Triggered by Events For certain important events, you may want a notification to be sent to...
Create Policy Conditions This topic explains how to configure policy conditions for external event policies, using the Default Policy...
Policy Conditions Set policy conditions to determine which elements of an incoming event Sheriff CSM will process. You set these con...
Event Storage Best Practices Sheriff CSM stores events in a database and refers to it as SQL Storage. Sheriff CSM also stores the normal...
Filtering Alarms in List View Both a high-level overview and a detailed look at individual alarm types, the List View lets you filte...
Creating an Asset Group In Sheriff CSM, you can create an asset group in the following ways: * From the Asset List View, select a...
Configure Availability Monitoring Availability monitoring in Sheriff CSM runs from the server, and can be used to monitor availabili...
Deploying HIDS Agents In this section, you will learn about deploying HIDS agents from the asset list view: * Deploying HIDS Agen...
Analyzing Alarms, Events, Logs, and Tickets You will likely spend the most time reviewing and analyzing the network security of your...
Establishing Baseline Network Behavior When you first start using Sheriff CSM, it is a good idea to let it run for a few days to det...
About Sheriff CSM Components The following diagram provides a high-level view of the overall Sheriff CSM architecture. Sheriff CSM h...
Sheriff CSM Network Security Concepts and Terminology When working with Sheriff CSM and using the Sheriff CSM web UI to perform netw...
Prerequisites and Requirements The information in this guide is primarily intended for security engineers, security analysts and ope...
Back Up and Restore System Configuration
Back Up and Restore Events Sheriff CSM uses internal caches to ensure that communication interruptions between the Sheriff CSM Senso...
Operating System Upgrade in Version 5.8.0 Sheriff CSM version 5.8.0 includes an operating system (OS) upgrade to improve the performa...
Download a Sheriff CSM ISO Image In order to perform an offline update or software restoration on Sheriff CSM, you first need to dow...
Configure SDEE Plugins Cisco Systems IPS Sensor 5.0 uses the Security Device Event Exchange (SDEE) protocol to specify the format of...
Plugin Types The plugins included in Sheriff CSM are called detector plugins. They receive and extract events from logs, which inclu...
Log Collection and Normalization in Sheriff CSM The Sheriff CSM plugins process data collected from different data sources, parse and...