Issue in RSA Alerts after adding Servers

Discussion created by Issac 08 on Oct 20, 2017
Latest reply on Dec 21, 2017 by Issac 08

Like • Show 0 Likes0
Comment • 3

Hi All,

After adding the windows servers in SA, agents are pushing the old windows events as alerts .I want the latest alerts to be triggered .How to ignore these old alerts.

Outcomes

3 Replies

Sravan Koneti Oct 24, 2017 1:22 AM
HI Issac,

What is the collection method (File,Syslog or Winrm)?
Alerts generated from Reporting engine or ESA?
Are you getting the latest windows logs(Current time) in the investigation page?
Like • Show 0 Likes0
Actions
Brian Keenan Nov 29, 2017 1:54 PM
Can you clarify on which alerts are being sent? As well as the collection method?
Like • Show 0 Likes0
Actions
- Issac 08 @ Brian Keenan on Dec 21, 2017 11:26 AM
  Software installation Alerts ,collection method is winrm
  Like • Show 0 Likes0
  Actions

Issue in RSA Alerts after adding Servers

Outcomes

Related Content

Recommended Content