
Filtering Out Vulnerability Scans (Active List with start + end Date)

Hello,

I'm trying to create an overall filter within HP ArcSight to make sure we don't get notifications based on vulnerability scans.
The fact is, of course we can filter out certain communications between source and target connections, but is it possible to base it on a start and end time/date?

I tried to do this with an Active List, setting up information like

Attacker Address, Target Address, Start Date, End Date.

But I cannot find a way to use the dates in there to use as a Before and After statement.

Anyone found a way to do this?
Thanks in advance.


Accepted Solutions

You need to use a getActiveListValue variable to extract the start and end date; your attacker and target addresses will need to be key fields.

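The lookup-then-compare logic from the accepted solution, modelled in Python as an added example that is not part of the original thread and is not ArcSight rule syntax. The addresses, dates, function names and the inclusive window bounds are assumptions made for illustration.

```python
from datetime import datetime, timezone

UTC = timezone.utc

# Constructed stand-in for the Active List: the key fields are
# (attacker address, target address); the value fields are the scan window.
SCAN_WINDOWS = {
    ("10.0.5.20", "10.0.1.15"): (
        datetime(2024, 3, 1, 22, 0, tzinfo=UTC),  # Start Date
        datetime(2024, 3, 2, 2, 0, tzinfo=UTC),   # End Date
    ),
}

def get_window(attacker, target):
    """Keyed lookup, the role the getActiveListValue variable plays."""
    return SCAN_WINDOWS.get((attacker, target))

def is_scheduled_scan(event):
    """True only if the pair is listed AND the event time is inside the window."""
    window = get_window(event["attacker"], event["target"])
    if window is None:
        return False  # pair not in the list: never suppress
    start, end = window
    if end < start:
        return False  # malformed entry: keep alerting rather than hide events
    return start <= event["time"] <= end  # inclusive bounds (assumption)

def filter_alertable(events):
    """Drop events from approved scans; everything else still alerts."""
    return [e for e in events if not is_scheduled_scan(e)]

# Constructed sample events
EVENTS = [
    # listed pair, inside the window -> suppressed
    {"id": 1, "attacker": "10.0.5.20", "target": "10.0.1.15",
     "time": datetime(2024, 3, 1, 23, 30, tzinfo=UTC)},
    # listed pair, after the window closed -> still alerts
    {"id": 2, "attacker": "10.0.5.20", "target": "10.0.1.15",
     "time": datetime(2024, 3, 2, 9, 0, tzinfo=UTC)},
    # scanner hitting a target that is not listed -> still alerts
    {"id": 3, "attacker": "10.0.5.20", "target": "10.0.1.99",
     "time": datetime(2024, 3, 1, 23, 30, tzinfo=UTC)},
    # reversed direction is a different key -> still alerts
    {"id": 4, "attacker": "10.0.1.15", "target": "10.0.5.20",
     "time": datetime(2024, 3, 1, 23, 30, tzinfo=UTC)},
]

if __name__ == "__main__":
    print([e["id"] for e in filter_alertable(EVENTS)])
```

Keying on both addresses and bounding by time keeps the suppression narrow: the scanner's traffic outside its window, or toward hosts that are not listed, continues to raise notifications.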

Thank you Richard!

Works great.
