English Forums > Intrusion Detection and Prevention

[SOLVED] Proofpoint Telemetry status

(1/1)

fightingmasta:
Hi

I have installed os-etpro-telemetry and inserted the token, but the status is disabled.
What can I do or in which log file can I search for an error?
In System: Log Files: General I don't see an error.

Thanks.

franco:
From https://docs.opnsense.org/manual/etpro_telemetry.html :

The status determines which ruleset your sensor will receive, ACTIVE or DORMANT your sensor will receive ET Pro rule, when DISABLED the license conditions are not met and ET Open will be served.

You are probably not generating alerts, so the meta data sharing is empty so it looks like you're not sharing. Try to enable a few alerts that can be sent to Proofpoint.


Cheers,
Franco

fightingmasta:
Thanks Franco.
I didn't made a change nor generated an alert, but the status switched to Active now.
Regards,
Stefan

franco:
Hi Stefan,

Okay, even better. :)


Cheers,
Franco

marcri:
Same problem here. It seems my network ist too clean, no alerts since Aug 28 so Proofpoint Telemetrie ist disabled. I don't want to generate fake alterts, because it will generate e-mail-notifications and so on. any other ideas?

Navigation

[0] Message Index