Skip to main content

Zoho - ManageEngine - Firewall Anaylzer

Common False positives/entries to ignore

ra8ul
Topic Author
Offline
New Member

More

13 years 6 months ago #35665 by ra8ul

Common False positives/entries to ignore was created by ra8ul

I have few queries regarding SIEM or log management.

1.What false positives/to ignore entries we see in firewall logs from domain controllers,Ips/Ids,Database logs,Vpn .
3.Does RSA envision connect directly to domain controllers.
4.How to learn basics of firewall log analysis & escalation.

Thanks in advance for your help.

ra8ul
Topic Author
Offline
New Member

More

13 years 6 months ago #35666 by ra8ul

Replied by ra8ul on topic Re: Common False positives/entries to ignore

in firewall logs i see port scanning entries populated which we have to ignore.
like this entries logs from dc,database,ips,unix....

Plz help.....
Thanks.

ra8ul
Topic Author
Offline
New Member

More

13 years 4 months ago #35952 by ra8ul

Replied by ra8ul on topic common

Any one...

Time to create page: 0.139 seconds

Your IP address:

3.146.105.137

All-in-one protection for Microsoft 365

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any

WEP, WPA, WPA2 Key!

Follow Firewall.cx

Network and Server Monitoring

Recommended Downloads

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Bandwidth Monitor

Free PatchManager

EventLog Analyzer

Firewall Analyzer

Security Podcast