about File Collection event source integration, may we use ftp instead of sftp?
So, is there a way to customize the RSA SFTP agent for windows machine so that we can send logs to Security Analytics Log Collector through ftp protocol?
Thanks in advance
It's not supported but....
You can setup VSFTPD to allow for connections on port 21 and update the puppet config to remove the blocking of FTP for iptables. You'd then have to update iptables on the Log Hybrid with puppet "puppet agent -t" if that doesnt work you'd have to manually update iptables.
I've had to make this change because of certificate issues on one of our appliances. SFTP was not an option.
However, I wouldn't recommend this if you have little linux experience.