• Votes

    4

    Tenant based roles to allow to run remote searches or manage ...

    Customer reported that they are planning to deploy a multi tenant Sentinel system. They would like to use multi-tier architecture, where they have multiple Sentinel for ...

  • Votes

    1

    Prevent transmission of report/e-mail when the report is blank

    We need option to prevent the transmission of e-mail alert when the scheduled report generated is blank in reporting module

  • Votes

    2

    Manage alerts from multiple sentinel deployment using single ...

    In the client's environment, they have multiple Sentinel deployments (Prod, Test, DMZ etc) Each of the environments have their own alerts that they can investigate and ...

  • Votes

    2

    Send full message field when fired by Correlation Rules

    Correlation Rules: Actions -> Send Email (Full Customization of all fields) Normally, the message field is not recommended to be used with Correlation Rules due to the ...

  • Votes

    2

    allow additional links to be added to app navigation bar

    The left nav bar in the Sentinel app currently has links for home, main, search and (at the bottom) security health. This leaves a lot of room that could be used to add ...

  • Votes

    1

    Correlation dropped error reporter

    It should be configurable per event source if you want it to alert if the events don't come to Sentinel in the correct time window. At the moment the system writes these ...

  • Votes

    3

    Distributed search for All Identity Tracking Reports

    All Identity Tracking Reports (Account Tracking, Recent Activity, Password changes, Suspicious activity overview ) have hardcoded Database in the selection of data source ...

  • Votes

    2

    Have a deployment or installation guide specific for AWS

    It would be great to have a specific deployment or installation guide with all steps needed to be followed to install Sentinel on AWS. Today many customers are moving ...

  • Votes

    7

    Cyber Ark Collector

    I would like to request a collector for Cyber Ark. I have seen this asked by multiple customers.

  • Votes

    2

    Disable dashboard

    It would be great to disable the dashboard or have an automated forward to the main interface. Nobody of us is using the dashboard, its always an additional click which ...

  • Votes

    2

    Configure connection when cloning event source

    When cloning an event source, it will keep the connection to the source server, which is useless. When we create a template event source, which we would like to apply to ...

  • Votes

    3

    Import event sources

    We have more than 200 servers which need to be created in multiple collectors. It would be great to import them via a CSV.

  • Votes

    0

    Detect anomaly's in user logon activity

    The ability to detect anomaly's in user logon activity, ie logging on to a system they have never used before.

  • Votes

    0

    "Status Details" statistics do not persist on Sentinel service restart

    Within the Sentinel Control Center (SCC) --> Event Source Management --> Live View... --> Table tab --> expand any Collector Manager. The statistics do not persist upon ...

  • Votes

    1

    Symantec DPL Connector

    A connector to connect Symantec Data Loss Protection is urgently needed. Clients have requested it.

  • Votes

    1

    Sentinel plugin for Log4j

    It is a popular implementation to log application data

  • Votes

    0

    Plugin for IBM TDS

    We work with IBM TDS here and we would like collect these logs

  • Votes

    1

    Bulk plugin download

    Updating and downloading plugins is a time consuming and manual process. It is especially difficult as you need to download each one individually. It is also challenging ...

  • Votes

    2

    Add ability to customize Sentinel report format

    When reports are generated in Sentinel, you do not have a choice of how the report is formatted. For example, customer wants to display data in a bar graph format versus ...

  • Votes

    1

    Support the Gofer daemon for Redhat systems

    goferd is a systems management component used by older Redhat systems. It's since superceded, but some customers may need to support it because it's already part of ...