cancel
Showing results for 
Search instead for 
Did you mean: 

SIEM Dragon 7.7.2 Patch 2 Offenses and Reports

SIEM Dragon 7.7.2 Patch 2 Offenses and Reports

cos
New Contributor
I have my server logs SIEM dragon set up as follows:

1. I have multiple devices configured to send logs to my server logs (SIEM Dragon); Log Sources from different customers.

07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-11514-zx2v2o-logSources_inline.jpg



2. I created a group for each customer (Log Source Groups) and I have grouped the corresponding devices.

07e5ab2e63b444b3bb8dd1f143b63932_RackMultipart20140331-1256-1j4zdrj-LogSourceGroups_inline.jpg



3. Likewise, I created groups of network hierarchy, rule groups and building blocks for each customers; SIEM is generating me offenses correctly for each of them.

Database Settings
Offense Retention Period: 1año

The problem I have is that I can not generate a report for each group or customers (Log Source Group).
The model or template that resembles what I'm looking to do is "Source Summary Offense" but monthly not daily.

Example: ACUNTIA TABLA MONTHLY_ Offense Source Summary
CUATRECASAS TABLA MONTHLY_ Offense Source Summary
ORGT TABLA MONTHLY_ Offense Source Summary

I edited the template and tried to apply a filter for the Log Source Group of each client, but I cannot get it.

Could you help me.
How I can get a report for a specific group of log Source (customers)?

Thank you very much

Diego Cuaran
COS Acuntia

0 REPLIES 0
GTM-P2G8KFN