Hello,
We just got LEM and are getting it up and running and have run into something strange. We've been seeing a lot of this error:
COMMUNITY SIP TCP/IP message flooding directed to SIP proxy
The source and destinations are the LEM box and a server with the agent installed. I also noticed it with our IPS box as well. In the period of a few minutes I saw 17 of them.
I saw that there was a false positive related to snort. What's the best way to clean this up?
Thanks!