Event retrieval issues when ePolicy Orchestrator is added as a device
Last Modified: 2022-08-18 10:43:38 Etc/GMT
Technical Articles ID: KB90872
Environment
ePolicy Orchestrator (ePO) 5.x
SIEM Enterprise Security Manager (ESM) 11.x, 10.x
SIEM Event Receiver (Receiver) 11.x, 10.x
Problem
When ePO is integrated as a device, if you retrieve events directly from the ePO database, you might see the following issues:
System Change
You upgraded the ePO server and Receiver to a new version, and upgraded or migrated the ePO database.
Cause
Improper communication to the ePO database causes this issue.
Solution
Support for gathering data from databases using TLS 1.2 is included in SIEM 10.3.4 and 11.1.3. We recommend that you upgrade to the latest available version to benefit from all enhancements and resolved issues.
Workaround
Allow your ePO server to connect to a database running TLS 1.0 and enable TLS 1.0. For details, see KB90222 - Unable to make outbound connections to SQL or LDAP where Transport Layer Security 1.0 is disabled.