Some events aren't showing the Source User field in the Details tab
Last Modified: 2022-08-29 04:18:13 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Some events aren't showing the Source User field in the Details tab
Technical Articles ID:
KB82114
Last Modified: 2022-08-29 04:18:13 Etc/GMT Environment
SIEM Enterprise Security Manager (ESM) 11.x, 10.x SIEM Enterprise Event Receiver (Receiver) 11.x, 10.x Problem
For one of multiple Receivers, the Source User field in the Details tab isn't visible in ESM. NOTE: The Source User field is displayed for events from other Receivers with the same Cause
The SolutionResolve the issue by following these steps:
For 10.x versions:
NOTE: From SIEM 11.0 onward, there's no longer a last downloaded string record entry in the user interface. As the ESM doesn't download records from the receivers, it consumes them from the databus. For 11.0–11.1.3: The above versions are in EOL. We strongly recommend that you upgrade to the latest available version. If you're unable to upgrade, contact Technical Support for assistance with republishing the older strings to the databus. For 11.2.0 and later:
NOTE: 11.2.x and 11.3.x are in EOL. We strongly recommend that you upgrade to the latest available version. Affected ProductsLanguages:This article is available in the following languages: |
|