Hi,
I recently started using ClearNDR and need some help with applying filters and creating policies. I find the information overwhelming and have been trying to reduce the amount of data by applying filters, focusing only on major or very important alerts.
Much appreciated.
Regards,
Hi,
Can you share a bit more detail? What version are you using, and what are the noisiest parts that you want to filter out?
FYI: There is also a Discord server; you can find further details at Clear NDR - Community | Stamus Networks
Hi Andreas,
Many thanks for your response.
When I log in and navigate to the dashboard, I see a lot of information — ports, IPs, categories, methods, etc. I’m looking for a way to focus only on critical/high alerts first, as well as a way to reduce the amount of information displayed.
I can see that there is an option to apply filters. For example, I have a filter that looks for viruses, Trojans, etc. However, when I look at DNS traffic, I still see a huge amount of information. It is quite overwhelming, and I’m also not sure why particular traffic has been marked as major.
Much appreciated
Best regards