Have you enabled the debug log for your test connections and reviewed the logs?
Ryan Barnett
Senior Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
www.trustwave.comhttp://www.trustwave.com/
From: Sabin Ranjit think.sa...@gmail.commailto:think.sa...@gmail.com
Date:
Wesley,
What exactly are you trying to achieve here?
Ryan Barnett
Senior Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
www.trustwave.com http://www.trustwave.com/
On 8/25/14 6:20 PM, Wesley Render wren...@otherdata.com wrote:
I was just wanting to follow up. Is
I am trying to send only correlated events that are Total Inbound 5+ to
mlogc. When I set the SecDefaultAction for phase1 and phase2 to pass,log
or to nolog,auditlog it seems to send all events, even ones that are under
TX 5 to the mlogc.
When I set it to pass,nolog it seems to only send events