Cisco Duo is a common MFA application. SEM can ingest several other vendors' logs, but apparently not Duo (Verified with support on 5/17/24). I would like to see a connector developed for these logs. Duo has the format documented at Understanding Duo Authentication Proxy SIEM Logging.
I have the same suggestion or request for future feature. As the SEM Admin, I need a solution to build out widgets & dashboards and then have the ability to share them with other users.
We recently deployed Cisco FPR-1120 and were trying to add them to our SEM. There is no connector specifically for this platform to use. I worked with support and they had me set up the Generic Syslog in order to have the SEM start ingesting traffic. I also noticed that the PIX/IOS connector works somewhat, but it must be…
We are integrating with a CMDB and want to inventory the SEM agent ID from the client. It would be great if the ID were written to the config file or in the registry. The configuration file would be most cross platform compatible. Having to read through the log file to find the agent ID is not ideal.
It would be nice to have the ability to share useful filters with other users. Alternatively, filters that should be accessible by all users could have a flag to set the filter as "global." Some of the framework seems to be in place already as the out-of-box filters appear for all users who access the SEM web GUI.
In previous versions of SEM, we were able to schedule searches and have reports sent to our emails that were in excel format. Now, with the current versions of SEM, the system will compress the data into a zip file and attempt to email that. Our exchange server policies are configured to block .zip files and we are not…
Would be great to add custom tags to Rules.
Working whit FIM connector when it is required to use a large number of custom paths for FIM on several servers, it is necessary to create templates to speed up the assignment of FIM monitoring using the template import function. However, in the event that it is necessary to make any adjustments to the paths, delete or add…
Hello Everyone, I would like the ability to edit node names. Some of our nodes are returning ip addresses or ".gateway" and the ability to correctly name them would be nice.
It looks like you're new here. Sign in or register to get started.