Hi All,
For endpoint, network email, and network web incidents, there is a response rule to log to a syslog server.
Will this work for Network Discover incidents?
Where there is no Network Protect action being configured, just pure discovery scan.
Thanks!
Hello,
the "All: Log to a Syslog Server" Response Rules work for all incidents, including Network Discover incidents.
"All:" in fact means that it does not apply to a specific module.
Kind regards,
Giovanni