Limitations
The following limitations apply when data is sent to a SIEM integration.
- When name changes are made to policies, custom categories, groups, or other configuration settings that have been selected for inclusion in the SIEM data, there is a short delay before the new name is included. The entity is listed as an ID number during the delay period.
- Backlog files created when processing issues occur will be processed starting with the oldest file when processing recovers.
- If the Advanced Malware Detection for Web module is used, AMD generated data is not forwarded correctly to the SIEM output.
- Encryption for AWS S3 buckets is not supported.