UpPrevious Next Sheriff CSM™ Palo Alto Networks PAN OS When you configure Palo Alto Networks PAN OS to send log data to Sheriff CSM, you can use the Palo Alto Net...
UpPrevious Next Sheriff CSM™ Palo Alto Networks Traps When you configure Palo Alto Networks Traps to send log data to Sheriff CSM, you can use the Palo Alto Netw...
UpPrevious Next Sheriff CSM™ Plugin Types The plugins included in Sheriff CSM are called detector plugins. They receive and extract events from logs, which inclu...
UpPrevious Next Sheriff CSM™ Plugin Updates Sheriff CSM notifies users when there is an update to the existing plugins, accessible from the Sheriff CSM Message Ce...
UpPrevious Next Sheriff CSM™ Policy Conditions Set policy conditions to determine which elements of an incoming event Sheriff CSM will process. You set these con...
UpPrevious Next Sheriff CSM™ Policy Consequences You can configure different consequences when creating or modifying a policy. Policy consequences define the way...
UpPrevious Next Sheriff CSM™ Policy Order and Grouping Policy Order Importance Policies consist of numbered rules that Sheriff CSM applies in descending order wh...
UpPrevious Next Sheriff CSM™ Prerequisites and Requirements The information in this guide is primarily intended for security engineers, security analysts and ope...
UpPrevious Next Sheriff CSM™ ProFTPD When you configure ProFTPD to send log data to Sheriff CSM, you can use the ProFTPD plugin to translate raw log data into no...
UpPrevious Next Sheriff CSM™ Proofpoint Protection Server When you configure Proofpoint Protection Server to send log data to Sheriff CSM, you can use the Proofp...
UpPrevious Next Sheriff CSM™ Pure Storage Purity Operating Environment When you configure Pure Storage Purity to send log data to Sheriff CSM, you can use the Pu...
UpPrevious Next Sheriff CSM™ Purge Old System Logs You should delete Sheriff CSM system logs and/or old event logs on a regular basis, otherwise the appliance ma...
UpPrevious Next Sheriff CSM™ RSA SecurID Access Identity Router (IDR) When you configure RSA SecurID Access Identity Router to send log data to Sheriff CSM, you ...
UpPrevious Next Sheriff CSM™ Rapid7 Nexpose When you configure Rapid7 Nexpose to send log data to Sheriff CSM, you can use the Rapid7 Nexpose plugin to translate...
UpPrevious Next Sheriff CSM™ Red Hat JBoss Middleware When you configure Red Hat JBoss Middleware to send log data to Sheriff CSM, you can use the Red Hat JBoss ...
UpPrevious Next Sheriff CSM™ Register Sheriff CSM You can register Sheriff CSM in one of three ways %TWISTY{ showlink="Registering Sheriff CSM through the Web UI...
UpPrevious Next Sheriff CSM™ Remote Support The Remote Support feature in Sheriff CSM opens a secure, encrypted connection to the Sheriff Support Server through t...
Remote Support secure, encrypted connections to the sheriff Support Server through the sheriff CSM web UI or the console, allowing Sheriff Support staff to access...
UpPrevious Next Sheriff CSM™ Replace Disk Drives or Power Supplies You may need to replace a power supply or hard disk drive on an Sheriff CSM hardware should ei...
UpPrevious Next Reputation Using Open Threat Exchange Reputation data as a policy condition, you can filter events from either the source or destination IP addre...
UpPrevious Next Sheriff CSM™ Reset Password for User Accounts Sheriff CSM has specific procedures and permissions for resetting passwords for different user accou...
UpPrevious Next Sheriff CSM™ Reset the Sheriff API Key Starting from version 5.2.5, Sheriff CSM and Sheriff Vigilante® offer the option to reset the Sheriff API ...
UpPrevious Next Sheriff CSM™ Restore Sheriff CSM from a USB Drive Prerequisite * Burn the corresponding ISO image to a USB drive. * Change the boot sequenc...
UpPrevious Next Restore Sheriff CSM from a USB Drive Applies to Product: Sheriff CSM™ Sheriff Vigilante® Prerequisite * Burn the corresponding ISO im...
UpPrevious Next Sheriff CSM™ Restore Software on a Sheriff CSM Hardware %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimg...
UpPrevious Next Sheriff CSM™ Review Event Details Event Details identifies all information Sheriff CSM collected about this event. It also displays the number of ...
UpPrevious Next Sheriff CSM™ Reviewing Alarms as a Group This task helps you sort alarms in bulk as a group when you have many alarms that are similar. You can a...
UpPrevious Next Sheriff CSM™ Reviewing Alarms as a List %TWISTY{ showlink="Table of Contents" hidelink="Table of Contents" start="show" showimgleft="" hidei...
UpPrevious Next Sheriff CSM™ Running Asset Scans You can run an asset scan on individual assets. This is useful, for example, if you want to find out if anything ...
UpPrevious Next Sheriff CSM™ Running Vulnerability Scans from Assets You can run vulnerability scans on individual assets. The fewer assets to scan, the sooner th...
UpPrevious Next Sheriff CSM™ Running Vulnerability Scans from Assets You can run vulnerability scans on individual assets. The fewer assets to scan, the sooner t...
SPAN Port Method of monitoring network traffic where you monitor or tap into the port used by another network device and monitor and analyze a copy of the network...
UpPrevious Next Sheriff CSM™ STEALTHbits StealthINTERCEPT When you configure STEALTHbits StealthINTERCEPT to send log data to Sheriff CSM, you can use the Stealth...
UpPrevious Next Scheduling an Asset Discovery Scan You can schedule a scan to run at a set frequency. This is particularly useful on an active network. To schedul...
UpPrevious Next Sheriff CSM™ Search and Close Tickets Sheriff CSM lets you search for a particular ticket and use various search criteria to help you refine your...
UpPrevious Next Sheriff CSM™ Searching for Assets You can either search for or filter your assets by simply typing what you are looking for in the search box, in ...
UpPrevious Next Sheriff CSM™ SecureAuth When you configure SecureAuth to send log data to Sheriff CSM, you can use the SecureAuth plugin to translate raw log dat...
UpPrevious Next Sheriff CSM™ Security Events Views The Security Events (SIEM) page, under Analysis Security Events (SIEM), consists of two views: SIEM View and...
UpPrevious Next Sheriff CSM™ Selecting Assets in Asset List View To select a single asset * Select the check box to the left of the asset. To select multiple a...
UpPrevious Next Sheriff CSM™ SentinelOne When you configure SentinelOne to send log data to Sheriff CSM, you can use the SentinelOne plugin to translate raw log d...
UpPrevious Next Sheriff CSM™ Set Up Password Policy for Local User Authentication If you decide to use authentication occurring locally in Sheriff CSM, Sheriff Cy...
UpPrevious Next Sheriff CSM™ Set Up the Management Interface The first time you power on the Sheriff CSM hardware or launch the virtual machine console after the ...
UpPrevious Next Sheriff CSM™ Sheriff CSM Administration and Configuration During the course of using Sheriff CSM to manage and maintain network security in your ...
UpPrevious Next Sheriff CSM™ Sheriff CSM Dashboard Configuration Within the dashboard view, you can see multiple tabs displaying various visual representations of...