Jump to content

Alexander Keilhofer

  • Posts

  • Joined

  • Last visited

About Alexander Keilhofer

  • Rank

Profile Information

  • Location
  1. Hi, We are looking to forward all our Events to Graylog. CEF helps a lot - thanks for implementing. But only Filtered Websites + Audit Logs are forwarded. No HIPS-Events, no Device-Events. A wireshark on the graylog shows no data sent (except the website-filtered) A Notification with forward to syslog works, but does not contain all information needed I can't find a filter on Protect Server or anything else that could have filtered these events.
  2. Hi, the client can communicate without any firewall in between. The „block“ works- but the site is not injected. Instead, the connection is just reset.
  3. Hi, We are using Endpoint Security with WebControl to block certain pages. When the client is connected directly it works just fine. When the client is using a web-proxy (but is able to resolv DNS etc. directly) blocking a https-site works, but the Browser displays "ERR_TUNNEL_CONNECTION_FAILED" Blocking HTTP-Sites works by displaying the configured site. According to this page we are not alone - yet no fix works. Setting "Use Proxy" in Eset does not help either. TL:DR: Blocking HTTPS sites works, but does not display a nice site. Thanks
  • Create New...