XDR Network Sensor Test

Hello,

I'm trying to test out the XDR Network Sensor, are there any test which are available I tried netscan, C2 beckoning but all i get is that edr sensor detected the attacks.

On the /opt/bitdefender/var/log/bdxdrd.log path when I access the logs, i don't see any detections or maybe I'm doing something wrong.

Screenshot_1.png

Find more posts tagged with

network

gravityzone

endpoint

Accepted answers

All comments

Andrei_S Enterprise

Hello @Stefan94a ,

Can you please double check and confirm that you have done all the steps from our knowledge article: https://www.bitdefender.com/business/support/en/77209-452342-the-network-sensor.html#UUID-1bb7cd89-d2d7-cc99-44ff-4b71fdf8d74f

If the configuration is done correctly you should the Network sensor will be displayed in in the GravityZone console, in Network > Computers and Groups .

Regarding testing, please reach out to our Enterprise Support team for further investigation.

https://www.bitdefender.com/en-us/support/contact-us

Kind Regards,

Andrei

Stefan94a

I did everything as described from the link, I tried simulating bruteforce rdp attack, powershell executions etc, but all was detected by edr sensor or epp

Andrei_S Enterprise

Hello,

In this case we will need to analyze the XDR logs, please collect them using the following article: https://www.bitdefender.com/business/support/en/77211-90384-collect-bitdefender-security-server-logs.html#UUID-25a01885-8cdb-48ce-b2f6-67a69d95a6c4 and attach them to https://upload.bitdefender.net/

Once you have the logs, open a case with support using the link shared above and share the upload link so we can investigate them.

Additionally, I suggest you also provide your impersonation approval and share the email to be use to connect so we can double check your config.

Kind Regards,

Andrei