Consequently, some correlation rules may not be triggered because they rely on those events. Excluding events not relevant to security helps improve the overall performance of the plugin. Important: Windows Event IDs not present in patterndb.xml are not forwarded. Follow the procedure above to download the NXLog configuration file and select the PatternDB plugin. ![]() If you want to limit the events collected and sent to USM Anywhere, you can download the patterndb file provided by AT&T Cybersecurity and place it in the \nxlog\conf\ directory on your machine. ![]() If you decide not to use NXLog after the installation, you can uninstall the program using the Add or Remove Programs feature in the Windows Control Panel, or see How to Uninstall NXLog for detailed instructions from the vendor.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |