AnsweredAssumed Answered

sasftpagent development

Question asked by Joe Gumke on Sep 29, 2016
Latest reply on Sep 29, 2016 by David Poirier

Is there any future development of the native RSA sasftpagent? This agent lacks alot of native functionality that a typically SIEM agent needs.

Asks:

  • Native windows log collection
  •       Bidirectional communication (pulling local agent logs for troubleshooting remotely, sending commands to agent like stopping,restarting agent, remotely updating configuration for agent to consume, upgrading agent remotely )
  •       Sending heartbeats to the SIEM for uptime natively and integrate into agent asset table
  •       Configuring silent agent alerts similar to event source monitoring alerts
  •       Agent asset table...similar to the asset table SA to show what version,agent,status,last heartbeat information
  •       Default local agent logging on installed system for troubleshooting
  • ability to configure agent to send to multiple destinations for one log source
  • ability to prefilter events that are sent to destination via regex

Outcomes