Skip to content

What is missing or could work better in DriveLock?

← DriveLock Product Feedback & Ideas

Ability to Filter what syslog events I want to forward

I know I can enable my events to be forwarded to a remote Syslog server, but we're missing an option to filter what events will actually be sent, at the source, in this case our DES tenant.
That would be important for narrowing the data ingestion in our XDR, and also would enable us to better manage alerts and block incidents directly in MS Defender for example, in our case is only for Blocked Processes, eventId 473.

1 vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Anderson Gama shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

DriveLock Product Feedback & Ideas: UX / UI / DOC

Categories