File Systems Events Not Appearing in Netwrix Threat Manager From the Netwrix Activity Monitor Agent(s)
If Netwrix Threat Manager is not receiving file system events from Netwrix Activity Monitor agents, the Syslog message template may be set incorrectly. This article explains how to change the Syslog message template from LEEF to Netwrix Threat Prevention in the Netwrix Activity Monitor console.
No Threats Detected Despite Web Console Reporting Events
If the Netwrix Threat Manager web console reports events but shows no threats, an EDR/XDR/antivirus product may be interfering with PostgreSQL. This article explains how to create exclusions for PostgreSQL file paths to resolve the issue.
Syslog Variables
This article provides a comprehensive list of syslog variables available for use in custom SIEM templates with Netwrix Threat Manager. Use these variables to customize syslog messages for integration with your SIEM solution.
Test Connection in Active Directory Sync Integration Fails
Test connection to Active Directory Sync Integration fails when the Threat Manager Console uses HTTPS; describes how to configure the Active Directory Service in the Web Service appsettings.json to use HTTPS and configure JWT certificate settings.