No packetlog is available currently (packet log isn't available for some attacks)
Last Modified: 2024-01-17 11:23:10 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
No packetlog is available currently (packet log isn't available for some attacks)
Technical Articles ID:
KB55367
Last Modified: 2024-01-17 11:23:10 Etc/GMT EnvironmentTrellix Intrusion Prevention System (Trellix IPS)
IMPORTANT: Trellix IPS Manager has transitioned from MySQL to MariaDB.
ProblemWhen you try to view attack packets, you see the following error displayed for some attacks:
Cause
The The Sensor logs the packet log and provides asynchronous alert forwarding to the manager. It's possible for the alert to be sent earlier than the packet log. If the packet log backlog rises to a high level, the Sensor drops it and doesn't send it to the Manager. SolutionAllow 5–15 minutes to pass and review the packet log. If the packet log is still not displayed, the Sensor drops the packet logs due to load.
If antivirus software is running on the Manager and the Affected ProductsLanguages:This article is available in the following languages: |
|