This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L1-Threat Intelligence - Indicators and Warnings

This is the official forum for discussing the basic ArcSight Activate L1-Threat Intelligence - Indicators and Warnings package, as described in the Activate Wiki.

Version 1.1.0.0 TI: (L1-Threat_Intelligence_-_Indicators_and_Warnings_1.1.0.0.arb)

Modified Resources:

/All Rules/ArcSight Activate/Solutions/Threat Intelligence/Indicators and Warnings/Populate Suspicious Address List

--
Prentice S. Hayes
Principal Product Manager | Security Operations
OpenText 

LinkedIn: 

https://www.linkedin.com/in/prenticeshayes/ 

Website: 

https://www.opentext.com/

Parents
  • Commenting here to mirror my issue on github.

    When I Tried to use the latest 1.1 install of this package and getting errors for the Active List Capacity.

    Locally, I modified the following values from 1500000 to 1000000 and it worked.

    Expanding the Suspect Address and another suspect list have these increased values.

Reply
  • Commenting here to mirror my issue on github.

    When I Tried to use the latest 1.1 install of this package and getting errors for the Active List Capacity.

    Locally, I modified the following values from 1500000 to 1000000 and it worked.

    Expanding the Suspect Address and another suspect list have these increased values.

Children