This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SIEM Dragon 7.7.2 Patch 2 Offenses and Reports

SIEM Dragon 7.7.2 Patch 2 Offenses and Reports

cos
New Contributor

‎03-31-2014 08:06 AM

I have my server logs SIEM dragon set up as follows:

1. I have multiple devices configured to send logs to my server logs (SIEM Dragon); Log Sources from different customers.

07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg



2. I created a group for each customer (Log Source Groups) and I have grouped the corresponding devices.

07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg



3. Likewise, I created groups of network hierarchy, rule groups and building blocks for each customers; SIEM is generating me offenses correctly for each of them.

Database Settings
Offense Retention Period: 1año

The problem I have is that I can not generate a report for each group or customers (Log Source Group).
The model or template that resembles what I'm looking to do is "Source Summary Offense" but monthly not daily.

Example: ACUNTIA TABLA MONTHLY_ Offense Source Summary
CUATRECASAS TABLA MONTHLY_ Offense Source Summary
ORGT TABLA MONTHLY_ Offense Source Summary

I edited the template and tried to apply a filter for the Log Source Group of each client, but I cannot get it.

Could you help me.
How I can get a report for a specific group of log Source (customers)?

Thank you very much

Diego Cuaran
COS Acuntia

0 Kudos
0 REPLIES 0
GTM-P2G8KFN