https://community.extremenetworks.com/t5/security/siem-dragon-7-7-2-patch-2-offenses-and-reports/m-p/27733#M36 I have my server logs SIEM dragon set up as follows:<BR /> <BR /> 1. I have multiple devices configured to send logs to my server logs (SIEM Dragon); Log Sources from different customers.<BR /> <BR /> <P class="fancybox-image"><span class="lia-inline-image-display-wrapper" image-alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg"><img src="https://community.extremenetworks.com/t5/image/serverpage/image-id/5972i9199031E1469A4FA/image-size/large?v=v2&amp;px=999" role="button" title="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg" alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg" /></span></P><BR /> <BR /> 2. I created a group for each customer (Log Source Groups) and I have grouped the corresponding devices.<BR /> <BR /> <P class="fancybox-image"><span class="lia-inline-image-display-wrapper" image-alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg"><img src="https://community.extremenetworks.com/t5/image/serverpage/image-id/5696i9EEDDC0F13BB162B/image-size/large?v=v2&amp;px=999" role="button" title="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg" alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg" /></span></P><BR /> <BR /> 3. Likewise, I created groups of network hierarchy, rule groups and building blocks for each customers; SIEM is generating me offenses correctly for each of them.<BR /> <BR /> Database Settings<BR /> Offense Retention Period: 1año<BR /> <BR /> The problem I have is that I can not generate a report for each group or customers (Log Source Group).<BR /> The model or template that resembles what I'm looking to do is "Source Summary Offense" but monthly not daily.<BR /> <BR /> Example: ACUNTIA TABLA MONTHLY_ Offense Source Summary<BR /> CUATRECASAS TABLA MONTHLY_ Offense Source Summary<BR /> ORGT TABLA MONTHLY_ Offense Source Summary<BR /> <BR /> I edited the template and tried to apply a filter for the Log Source Group of each client, but I cannot get it.<BR /> <BR /> Could you help me.<BR /> How I can get a report for a specific group of log Source (customers)?<BR /> <BR /> Thank you very much<BR /> <BR /> Diego Cuaran<BR /> COS Acuntia<BR /> <BR /> Mon, 31 Mar 2014 15:06:00 GMT cos 2014-03-31T15:06:00Z https://community.extremenetworks.com/t5/security/siem-dragon-7-7-2-patch-2-offenses-and-reports/m-p/27733#M36 I have my server logs SIEM dragon set up as follows:<BR /> <BR /> 1. I have multiple devices configured to send logs to my server logs (SIEM Dragon); Log Sources from different customers.<BR /> <BR /> <P class="fancybox-image"><span class="lia-inline-image-display-wrapper" image-alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg"><img src="https://community.extremenetworks.com/t5/image/serverpage/image-id/5972i9199031E1469A4FA/image-size/large?v=v2&amp;px=999" role="button" title="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg" alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg" /></span></P><BR /> <BR /> 2. I created a group for each customer (Log Source Groups) and I have grouped the corresponding devices.<BR /> <BR /> <P class="fancybox-image"><span class="lia-inline-image-display-wrapper" image-alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg"><img src="https://community.extremenetworks.com/t5/image/serverpage/image-id/5696i9EEDDC0F13BB162B/image-size/large?v=v2&amp;px=999" role="button" title="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg" alt="07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg" /></span></P><BR /> <BR /> 3. Likewise, I created groups of network hierarchy, rule groups and building blocks for each customers; SIEM is generating me offenses correctly for each of them.<BR /> <BR /> Database Settings<BR /> Offense Retention Period: 1año<BR /> <BR /> The problem I have is that I can not generate a report for each group or customers (Log Source Group).<BR /> The model or template that resembles what I'm looking to do is "Source Summary Offense" but monthly not daily.<BR /> <BR /> Example: ACUNTIA TABLA MONTHLY_ Offense Source Summary<BR /> CUATRECASAS TABLA MONTHLY_ Offense Source Summary<BR /> ORGT TABLA MONTHLY_ Offense Source Summary<BR /> <BR /> I edited the template and tried to apply a filter for the Log Source Group of each client, but I cannot get it.<BR /> <BR /> Could you help me.<BR /> How I can get a report for a specific group of log Source (customers)?<BR /> <BR /> Thank you very much<BR /> <BR /> Diego Cuaran<BR /> COS Acuntia<BR /> <BR /> Mon, 31 Mar 2014 15:06:00 GMT https://community.extremenetworks.com/t5/security/siem-dragon-7-7-2-patch-2-offenses-and-reports/m-p/27733#M36 cos 2014-03-31T15:06:00Z