Limitations

The following limitations apply when data is sent to a SIEM integration.
  • When name changes are made to policies, custom categories, groups, or other configuration settings that have been selected for inclusion in the SIEM data, there is a short delay before the new name is included. The entity is listed as an ID number during the delay period.
  • Backlog files created when processing issues occur will be processed starting with the oldest file when processing recovers.
  • If the Advanced Malware Detection for Web module is used, AMD generated data is not forwarded correctly to the SIEM output.
  • Encryption for AWS S3 buckets is not supported.