• Votes

    4

    Ability to recreate an empty database (Postgres, mongo)

    Normally running the 'backup_util.sh' is the part of the daily routine to make a backup about the required components (mainly the config, SI, alerts, etc...) In a case ...

  • Votes

    1

    Customer needs Microsoft Radius data to be parsed correctly.

    A customer has Microsoft Radius server and they need to be able to search on the mac address. Unfortunately all other systems use a format like this: 00:AA:00:12:34:56, ...

  • Votes

    4

    Read only user

    There should be a posibility to create a read omly user in Sentinel. This is important for Auditors to check the system. This user should have the rights to see ...

  • Votes

    4

    Agent Manager Agent shoud send Heartbeat Events to detekt that it is ...

    There should be a possiblity to detect that an Agent Manager Agent is running independent from sending events to Sentinel. I think one possibilty would be to have a ...

  • Votes

    12

    Certify Sentinel for High availability on Red Hat Linux

    High availability/Clustering for Sentinel is only supported and certified on SLES or SLES appliances. There is no supported high availability option available for ...

  • Votes

    1

    389 Directory Server plugins

    The goal is to parse 389 Directory Server logs

  • Votes

    5

    Tenant based roles to allow to run remote searches or manage ...

    Customer reported that they are planning to deploy a multi tenant Sentinel system. They would like to use multi-tier architecture, where they have multiple Sentinel for ...

  • Votes

    1

    Prevent transmission of report/e-mail when the report is blank

    We need option to prevent the transmission of e-mail alert when the scheduled report generated is blank in reporting module

  • Votes

    2

    Manage alerts from multiple sentinel deployment using single ...

    In the client's environment, they have multiple Sentinel deployments (Prod, Test, DMZ etc) Each of the environments have their own alerts that they can investigate and ...

  • Votes

    2

    Send full message field when fired by Correlation Rules

    Correlation Rules: Actions -> Send Email (Full Customization of all fields) Normally, the message field is not recommended to be used with Correlation Rules due to the ...

  • Votes

    2

    allow additional links to be added to app navigation bar

    The left nav bar in the Sentinel app currently has links for home, main, search and (at the bottom) security health. This leaves a lot of room that could be used to add ...

  • Votes

    1

    Correlation dropped error reporter

    It should be configurable per event source if you want it to alert if the events don't come to Sentinel in the correct time window. At the moment the system writes these ...

  • Votes

    3

    Distributed search for All Identity Tracking Reports

    All Identity Tracking Reports (Account Tracking, Recent Activity, Password changes, Suspicious activity overview ) have hardcoded Database in the selection of data source ...

  • Votes

    2

    Have a deployment or installation guide specific for AWS

    It would be great to have a specific deployment or installation guide with all steps needed to be followed to install Sentinel on AWS. Today many customers are moving ...

  • Votes

    7

    Cyber Ark Collector

    I would like to request a collector for Cyber Ark. I have seen this asked by multiple customers.

  • Votes

    2

    Disable dashboard

    It would be great to disable the dashboard or have an automated forward to the main interface. Nobody of us is using the dashboard, its always an additional click which ...

  • Votes

    2

    Configure connection when cloning event source

    When cloning an event source, it will keep the connection to the source server, which is useless. When we create a template event source, which we would like to apply to ...

  • Votes

    3

    Import event sources

    We have more than 200 servers which need to be created in multiple collectors. It would be great to import them via a CSV.

  • Votes

    0

    Detect anomaly's in user logon activity

    The ability to detect anomaly's in user logon activity, ie logging on to a system they have never used before.

  • Votes

    0

    "Status Details" statistics do not persist on Sentinel service restart

    Within the Sentinel Control Center (SCC) --> Event Source Management --> Live View... --> Table tab --> expand any Collector Manager. The statistics do not persist upon ...