• Votes

    5

    Ability to recreate an empty database (Postgres, mongo)

    Normally, running 'backup_util.sh' is part of the daily routine to make a backup of the required components (mainly the config, SI, alerts, etc.). In a case ...

  • Votes

    1

    Customer needs Microsoft Radius data to be parsed correctly.

    A customer has a Microsoft Radius server and they need to be able to search on the MAC address. Unfortunately all other systems use a format like this: 00:AA:00:12:34:56, ...

  • Votes

    4

    Agent Manager Agent should send Heartbeat Events to detect that it is ...

    There should be a possibility to detect that an Agent Manager Agent is running independent from sending events to Sentinel. I think one possibility would be to have a ...

  • Votes

    3

    Distributed search for All Identity Tracking Reports

    All Identity Tracking Reports (Account Tracking, Recent Activity, Password changes, Suspicious activity overview ) have hardcoded Database in the selection of data source ...

  • Votes

    1

    Detect anomalies in user logon activity

    The ability to detect anomalies in user logon activity, i.e. logging on to a system they have never used before.

  • Votes

    1

    Provide end user with alertable event when Agent Manager Central ...

    Ideally, we want the server to send a last message to the back-end when the Central Computer shuts down, but alternatively maybe there needs to be an 'are you alive' check ...

  • Votes

    1

    Request for incremental backup options in the backup script for ...

    Provide the backup script the ability to create a differential (incremental) update of the backup since the time the last backup was performed. This reduces the time and ...

  • Votes

    1

    file connector

    In Event Source Management, when processing a file with the file connector, once processing begins under connection information, it states "Reading file..." this is good ...

  • Votes

    5

    Checksum for eventdata

    Currently Sentinel creates a checksum only for raw data in secondary storage. There are some cases where a checksum is needed for event data as well. -Br, TimoS

  • Votes

    2

    Supporting Syslog TCP with Octet Counting Framing

    This framing mode is yet to have a wide acceptance. Also, the latest rsyslog does have an optional mode for this --> ...

  • Votes

    1

    General users should be able to view Health Status Info

    General users should be able to view but not edit or modify the following collection - Overview & Event sources Storage - Health, report jobs, search jobs When ...

  • Votes

    6

    Support Wildcarding In Dynamic Lists

    Dynamic Filters should allow the same CIDR notation and wildcarding that Lucene allows specifically for IP addresses. Should also allow ranges like 10.14.1.[1-50]

  • Planned

    4

    notification on alert creation or owner change

    There should be an option to notify the owner if an alert is assigned.

  • Votes

    3

    Data Synchronization enhancement

    Enhance the data synchronization feature to allow the user to specify a start and finish date. Additionally, allow the user to kick-off the job on a specific date/time ...

  • Votes

    6

    To support report for ISO 27002, year 2013.

    Current version is ISO 27002, year 2005. When can Sentinel support 2013?

  • Votes

    13

    EPS level alert, monitoring and visualization

    Currently Sentinel does not have any method to monitor EPS levels properly. It would be good to have some way to monitor EPS levels and have an alert if e.g. system ...

  • Votes

    4

    Use Email lists in correlation events

    If you have multiple recipients for correlation event alarms, you have to create from CC's action manager an action for each recipient or add multiple addresses to the ...

  • Votes

    8

    Search results sorting

    Currently search results are sorted descending according to Event Time. But when two same events have the Event Time parameter same, the order of these events is wrong. ...

  • Votes

    9

    CM backup

    Customers are asking why we do not have official backup/restore script or other CLI method to export/import CM configuration.

  • Planned

    14

    Run correlation rules on history data

    It would be nice to have the ability to run correlation rule against history data and let the rule fire alerts. Now it is only possible to test the rule, but not to have ...