HIDS 52511

From Atomicorp Wiki
Revision as of 12:21, 21 October 2020 by Scott (Talk | contribs)

Rule: 1
Status: Active
Alert Message: Anti-Virus

Description

This is a generic (level 3) event to collect real-time AV scanner events from Clam Anti-virus.


What you should do

No action recommended. This is a generic catch-all "bucket" for Clam AV real-time events, including initialization.


Troubleshooting

False Positives

There are no false positives with this rule.

Tuning Guidance

This rule can safely be set to logging type "no" to prevent it from being reported in the event viewer. Do not disable this rule, as other IDS-related rules require it.


Additional Information

Support

If you are unsure about how to respond to this alert, please contact Atomicorp support. We're here to help you!

Similar Rules

None.

Knowledge Base Articles

None.

Outside References

None.

Notes
