- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Whitelisting in InfoSec App
theSOCguy
Explorer
06-22-2022
09:29 AM
Hello humans (and non-humans),
I am rocking the base model Enterprise (9.0) with an InfoSec app as my SIEM. Right now I see all of the scanner activity, along with service accounts. Since my scanners are testing for Apache vulns, I am getting alerts for it. Is there a way to prevent the InfoSec app from reporting "asset list" worthy events? My understanding is that Asset Lists are only configurable on ES.
Thank you!
theSOCguy
