Vigilent Security Operations Center (VSOC)
Vigilent Security Manager 4.0
Vigilent Security Agent for Unix 2.x
Vigilent Security Agent for Unix 3.x
Vigilent Security Agent for Unix 4.x
Vigilent Security Agent for Unix 5.0
Vigilent Security Agent for Windows 3.x
Detect alerts show up as unregistered in Vigilent Security Operations Center.
Alerts appear in Vigilent Security Manager as ServerName[unregistered]
When several endpoints are being monitored by one agent and one of those endpoints are deleted in VSOC, the alert will show up as a server name followed by "unregistered". The word unregistered is appended to the name because the serverid in the alerts table is now null.
This issue is resolved in Vigilent Security Manager version 4.1. The workaround for version 4.0 is as follows:
- Open the 'Vigilent Security Manager Console' and right-click the Endpoint.
- Select Properties and click IP Lookup. This will update/refresh the IP address and alerts will now show up correctly.