0 Replies Latest reply on Mar 21, 2019 11:16 AM by nsenkevich

    Creating A Non-Event Specific Rule




      Are there any parameters or correlations that can be used to created a LEM rule to alert for any and all logs for a specific IP coming in and out? I have a file server I need to monitor, but I cannot create any rule that is generic enough to cache different types of data.

      Is there anything that can be recommended? Plus, possibly any other rules that may be valuable to set for DLP monitoring rule set for this file server?


      Thank you,