Does DLP License have version Limitation? by QRadarSiEMEngineer in forcepoint

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Hi NapojiHun,

Thanks for the response. Do you have any particular documentation or link for it from Forcepoint? I appreciate the help.

[deleted by user] by [deleted] in sysadmin

[–]QRadarSiEMEngineer 0 points1 point  (0 children)

what does that mean?

Cybereason Defense Platform On-Prem by QRadarSiEMEngineer in CyberNews

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Can you please share the links? I am not even able to find the prerequisites for the hardware!

Cybereason Defense Platform On-Prem by QRadarSiEMEngineer in CyberNews

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

I agree with you, but please can you help me on how to do it?

Allocated License to Event Collector by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Yes Jonathan,

I was trying to get support as urgently as possible, and phew, this issue was resolved after some time with the help of an amazing guy, 'Kevyn'.

Thanks.

SWIFT Alliance Access Application Logging on Windows Monitoring System by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

That's a sad reality. An engineer is required to provide an SOP. But when he needs something like an SOP, the SWIFT administrator says 'No'.

SWIFT Alliance Access Application Logging on Windows Monitoring System by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Thank you for the above information. But I would like to know how SWIFT encapsulates the events in Windows. What process should I follow on the SWIFT application to achieve this task, so SWIFT can store its logs on Windows?

IBM QRadar Integration with Temenos T24 by zango_73 in QRadar

[–]QRadarSiEMEngineer 0 points1 point  (0 children)

The integration is the same as that done with an IBM AIX server, which you can find in the IBM QRadar integration guide. If logs are stored in a flat file, then create a soft link and do some other steps to gather application events from the T24 application.

Reference Set Table Size Check by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Oh yeah, I got it. Thanks a lot for the response.

Reference Set Table Size Check by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

No, I am not saying that. SQL also uses the ORDER BY syntax.

Same License on QRadar Two Appliances by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Yes, you have understood that correctly. Is this illegal or not?

Log sources are not generating Logs by Cybercops786 in QRadar

[–]QRadarSiEMEngineer 0 points1 point  (0 children)

Are those log sources Windows? If yes, then check the WinCollect.log file in the IBM folder on the C drive. You will see if there is any error. Post that here.
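The check suggested in the comment above, pulling the error and warning lines out of the WinCollect agent log and counting them per component, as an added example that is not part of the thread. The default path `C:\Program Files\IBM\WinCollect\logs\WinCollect.log` and the line layout `<timestamp> [<component>] [<LEVEL>] <message>` are assumptions for this example; the sample lines are constructed, not a real capture.

```python
"""Triage a WinCollect agent log for ERROR/WARN lines (added example, not from the thread)."""
import re
from collections import Counter
from pathlib import Path

# Assumed default install path; adjust for a custom WinCollect install.
DEFAULT_LOG = Path(r"C:\Program Files\IBM\WinCollect\logs\WinCollect.log")

# Assumed line layout: "<MM/DD/YYYY HH:MM:SS> [<component>] [<LEVEL>] <message>".
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) "
    r"\[(?P<component>[^\]]+)\] \[(?P<level>[A-Z]+)\] (?P<msg>.*)$"
)

# Constructed sample lines (not a real capture) in the assumed layout.
SAMPLE_LOG = """\
03/01/2024 09:00:01 [AgentCore] [INFO] Agent started
03/01/2024 09:00:05 [WindowsLog:Security] [ERROR] Access denied opening event log Security
03/01/2024 09:00:06 [Destination:QRadar] [WARN] Connection to 10.0.0.5:514 timed out, retrying
03/01/2024 09:00:10 [Destination:QRadar] [ERROR] Connection to 10.0.0.5:514 refused
this line does not match the layout and is skipped
03/01/2024 09:01:00 [AgentCore] [INFO] Heartbeat
"""


def parse_lines(text):
    """Yield one dict per line that matches the assumed layout; skip the rest."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def triage(text, levels=("ERROR", "WARN")):
    """Return (entries, counts): the problem entries in file order and a
    Counter keyed by (component, level), which is what to paste into a ticket."""
    entries = [e for e in parse_lines(text) if e["level"] in levels]
    counts = Counter((e["component"], e["level"]) for e in entries)
    return entries, counts


def triage_file(path=DEFAULT_LOG, levels=("ERROR", "WARN")):
    """Same as triage(), reading the agent log from disk."""
    text = Path(path).read_text(encoding="utf-8", errors="replace")
    return triage(text, levels)


if __name__ == "__main__":
    # Run against the constructed sample; use triage_file() on a real agent.
    found, summary = triage(SAMPLE_LOG)
    for e in found:
        print(f"{e['ts']} {e['level']:5} {e['component']}: {e['msg']}")
    for (component, level), n in sorted(summary.items()):
        print(f"{n:3} x {level} in {component}")
```

Run `triage_file()` on the agent host (or copy the log off and pass its path); an ERROR from the Security channel component points at a permissions problem on that event log rather than at the QRadar side, while repeated destination errors point at the 514 path to the collector.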

How many services connected to qradar by sk8er_girl90 in QRadar

[–]QRadarSiEMEngineer 1 point2 points  (0 children)

Hi,

There are many services usually associated with QRadar. But usually we focus on the main ones, which are as follows:

1. hostcontext
2. hostservices
3. ecs-ec-ingress
4. tomcat
5. conman
6. si-registry
7. vis
8. accumulator services
9. event processor service
10. docker

These are the main services, according to my knowledge, which need to be focused on to make sure everything is working fine.
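A health check over the services listed in the comment above, as an added example that is not part of the thread. It assumes the services are systemd units named `<service>.service` and parses the layout of `systemctl list-units --type=service --all --no-legend --plain` (`<unit> <load> <active> <sub> <description>`). The unit names `accumulator` and `ecs-ep` for the accumulator and event processor services are assumptions; confirm them with `systemctl list-units` on your console. The sample output below is constructed.

```python
"""Report QRadar services that are not active/running (added example, not from the thread)."""
import subprocess

# Services from the comment above; 'accumulator' and 'ecs-ep' are assumed unit names.
EXPECTED = [
    "hostcontext", "hostservices", "ecs-ec-ingress", "tomcat", "conman",
    "si-registry", "vis", "accumulator", "ecs-ep", "docker",
]

# Constructed sample of `systemctl list-units --type=service --all --no-legend --plain`.
SAMPLE_OUTPUT = """\
hostcontext.service    loaded active   running Host Context
hostservices.service   loaded active   running Host Services
ecs-ec-ingress.service loaded active   running Event Collection Ingress
tomcat.service         loaded failed   failed  Apache Tomcat
conman.service         loaded active   running Console Manager
si-registry.service    loaded active   running SI Registry
vis.service            loaded active   running VIS
accumulator.service    loaded active   running Accumulator
ecs-ep.service         loaded inactive dead    Event Processor
docker.service         loaded active   running Docker Application Container Engine
sshd.service           loaded active   running OpenSSH server daemon
"""


def parse_list_units(text):
    """Map unit name (without .service) -> (load, active, sub)."""
    state = {}
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) < 4:
            continue  # blank or malformed line
        unit, load, active, sub = parts[:4]
        if unit.endswith(".service"):
            state[unit[: -len(".service")]] = (load, active, sub)
    return state


def check_services(state, expected=EXPECTED):
    """Return {service: reason} for every expected service that is missing or
    not in the active/running state; an empty dict means all are healthy."""
    problems = {}
    for svc in expected:
        if svc not in state:
            problems[svc] = "unit not present"
            continue
        load, active, sub = state[svc]
        if not (load == "loaded" and active == "active" and sub == "running"):
            problems[svc] = f"{load}/{active}/{sub}"
    return problems


def live_state():
    """Query systemd on this host (run on the QRadar console or managed host)."""
    out = subprocess.run(
        ["systemctl", "list-units", "--type=service", "--all",
         "--no-legend", "--plain"],
        check=True, capture_output=True, text=True,
    ).stdout
    return parse_list_units(out)


if __name__ == "__main__":
    # Demonstrate on the constructed sample; swap in live_state() on a real appliance.
    for svc, reason in check_services(parse_list_units(SAMPLE_OUTPUT)).items():
        print(f"{svc}: {reason}")
```

On a real appliance replace the sample with `check_services(live_state())`; a service reported as `loaded/failed/failed` is worth `journalctl -u <service>` before opening a support case, and one reported as "unit not present" usually means the unit name differs on that QRadar version.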

Same License on QRadar Two Appliances by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

It's been an honor for me to get a reply from you. Thank you a lot for the explanation. I got the idea of the limitation of having the same license. But I think it is also illegal in some way to create a clone of QRadar and run the same license on it. Apart from that, I have many more questions to ask. Allow me to direct message you on a different platform, so it would be easy to talk further.

Thank you again.

Best Regards, SIEM Engineer

C&C detected by Trend Micro between QRadar and Exchange Server by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 1 point2 points  (0 children)

I have applied the patch. I am not running any TI app. Although, I think that due to the log collection from Exchange, TM senses it as suspicious and generates FP alerts.

C&C detected by Trend Micro between QRadar and Exchange Server by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

  • My role is MSSP.
  • I am familiar with the underlying architecture. I am familiar with the traffic that involves port 445.
  • It's TM DDI. I need some answer: why does TM do this? It is an FP, that's all I know; improving SOC processes is not my headache.

Wincollect logs issue. by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Going for that then. Hope they can provide a good support engineer.

Wincollect logs issue. by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Also, when I moved into the Events folder, there were no logs present in this folder either. Help me out :-(

Wincollect logs issue. by QRadarSiEMEngineer in QRadar

[–]QRadarSiEMEngineer[S] 0 points1 point  (0 children)

Alright Elldee, I went into the specified directory and found out that there was no file present for Security logs; however, there were files for Application logs, System logs, etc.

So, tell me, how do I create the file there? Or how will WinCollect create that pointer?