USM Anywhere allows you to use the AlienVault pluginsPlugins specify how to collect and normalize raw information from devices to create events that can then be analyzed to determine threats and vulnerabilities. to filter the agent-related eventsAny traffic or data exchange detected by AlienVault products through a Sensor, or through external devices such as a firewall..
These Data Source Plugins are related to the AlienVault Agent
- AlienVault Agent. This plugin parses the events from the agent, with the exception of Windows events
- AlienVault Agent - Windows EventLog. This plugin parses Windows events re-sent through the Agent
To search events using the filter related to the Agent
- Navigate to ACTIVITY > EVENTS.
- Search the Data Source Plugin section.
- Click on one of them.
The result of your search displays.