Modeling rules for fireeye audit logs #26575
Packs/FireEyeHX/README.md
## Configuration on Server Side | ||
### Raw syslog audit messages | ||
In order to configure FireEye HX to send syslog audit logs, refer to FireEye HX "Endpoint Security Server System Administration Guide" (**Configuring a Syslog Server Using the CLI**). |
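Review bot: The sentence under "Raw syslog audit messages" sends the reader to an external guide without saying what the syslog server entry should point at, so the README step cannot be completed from this text alone. Consider adding the destination the audit logs must be sent to (a placeholder address and port is enough) and tightening the wording to "To configure FireEye HX to send syslog audit logs, see the **Configuring a Syslog Server Using the CLI** section of the Endpoint Security Server System Administration Guide", which also makes the quoting of the guide title and the bolding of the section name consistent.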
Maybe include a link to the Guide (https://docs.trellix.com/bundle/hx_sag_5-3-0_pdf/resource/HX_SAG_5.3.0_pdf.pdf)
I preferred not to, because it is specific to the version of the product.
@yasta5 Doc review completed.
…Fireeye_hx_modeling_rules
Co-authored-by: ShirleyDenkberg <62508050+ShirleyDenkberg@users.noreply.github.com>
Contributing to Cortex XSOAR Content
Make sure to register your contribution by filling the contribution registration form
The Pull Request will be reviewed only after the contribution registration form is filled.
Status
Related Issues
fixes: https://jira-hq.paloaltonetworks.local/browse/CIAC-6502
Does it break backward compatibility?