The CreatorCon Call for Content is officially open! Get started here.

SecOps forum
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

Vulnerability Group Rule fields

Hello! I've install Vulnerability response module on my dev instance and trying to understang how it works in Kingston version. The documentation says that Vulnerability Group role has additional sections: Group by and Assignment. But in fact I see o...

find_real_file.png
Alex248 by Mega Expert
  • 1741 Views
  • 5 replies
  • 1 helpfuls

Resolved! How can I track when data is exported from an instance?

Hi, Is there any way to track if a user is exporting data from an instance? The transaction logs give me lots of information but I'm struggling to pinpoint when the function of exporting to .csv, .xls or pdf is happening. Appreciate any help...

ners by Giga Contributor
  • 3108 Views
  • 2 replies
  • 2 helpfuls

Risk score configuration

Hi, I'm just getting started with Security incident response, and I'm lost on how the risk score gets calculated out of the box. I'm trying to go through the RiskScoreUtil script include, but just wondering if someone else has already done this, and ...

cbester by Tera Contributor
  • 2474 Views
  • 3 replies
  • 1 helpfuls

Where is the correlation_id value used?

Hello..   I have been trying to understand where is the correlation_id field is used in the security operations application when managing an incoming security event.OOB, I think the SIEM (Splunk) sends a snsecevent message to SN.   I get to see the c...