AlienVault v5.0.2 Hotfix is now available for OSSIM and USM Learn more
AlienVault v5.0.1 is now available for OSSIM and USM Learn more
How to generate an alert when an asset is discovered
How do I generate an alert when a new asset is discovered? I have nmap running every hour and it does insert assets into the asset list, but I would like to generate an alarm or report of all the new assets discovered - implementing "Metric 1" of "Critical Control 1: Inventory of Authorized and Unauthorized Devices" (CSIS: 20 Critical Security Controls Version 4.0 - http://www.sans.org/critical-security-controls/
"Control 1 Metric:
The system must be capable of identifying any new unauthorized devices that are connected to the network within 24 hours, and of alerting or sending e-mail notification to a list of enterprise administrative personnel."