XDR Network Sensor Test

Stefan94a · April 23

Hello,

I'm trying to test out the XDR Network Sensor, are there any test which are available I tried netscan, C2 beckoning but all i get is that edr sensor detected the attacks.

On the /opt/bitdefender/var/log/bdxdrd.log path when I access the logs, i don't see any detections or maybe I'm doing something wrong.

Screenshot_1.png

Andrei_S Enterprise · April 23

Hello @Stefan94a ,

Can you please double check and confirm that you have done all the steps from our knowledge article: https://www.bitdefender.com/business/support/en/77209-452342-the-network-sensor.html#UUID-1bb7cd89-d2d7-cc99-44ff-4b71fdf8d74f

If the configuration is done correctly you should the Network sensor will be displayed in in the GravityZone console, in Network > Computers and Groups .

Regarding testing, please reach out to our Enterprise Support team for further investigation.

https://www.bitdefender.com/en-us/support/contact-us

Kind Regards,

Andrei

Stefan94a · April 24

I did everything as described from the link, I tried simulating bruteforce rdp attack, powershell executions etc, but all was detected by edr sensor or epp

Andrei_S Enterprise · April 24

Hello,

In this case we will need to analyze the XDR logs, please collect them using the following article: https://www.bitdefender.com/business/support/en/77211-90384-collect-bitdefender-security-server-logs.html#UUID-25a01885-8cdb-48ce-b2f6-67a69d95a6c4 and attach them to https://upload.bitdefender.net/

Once you have the logs, open a case with support using the link shared above and share the upload link so we can investigate them.

Additionally, I suggest you also provide your impersonation approval and share the email to be use to connect so we can double check your config.

Kind Regards,

Andrei

XDR Network Sensor Test

Answers

All Time Leaders

Categories

Defenders of the month - April