In one of our customer environment Topbeat is working perfect but packetbeat is behaving abruptly.
On further investigation we saw urls referring officescan and mention of dll...
Has any one faced similar issue with packetbeat? with officescan or similar agent?
I am thinking of requesting to exclude packet beat from scans...
I agree in terms of false alarm.. The first time urls are hit are notified but replaced with urls reference to officescan. no information is logged in logs..
Are there important pointers that we can inform infrastructure team while raising request to exclude from security checklist/ include in trust resource pool..
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.