Have an idea?

Share it with us or vote on other people’s ideas. Our product team is listening.

Snare




Welcome to the user feedback forum for Snare, a suite of security and compliance products that range from small footprint, highly effective device and network logging and log-management tools through to advanced IT infrastructure threat protection solutions.
  1. Event Trace Log (ETL) - Microsoft DNS Server Analytic Logs

    As a Snare Enterprise agent user I desire the ability to read and transmit via syslog Event Trace Log (ETL) files. One example in which this feature would be valuable is the reading and transmission of Microsoft DNS Server Analytic Logs.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  2. Office 365 Logs to be integrated into Snare via the Office 365 Management API

    We are currently moving our office environment to the local server based environment to and Office 365 environment. We would like to be able to collect Office 365 into our SIEM and make auditing easier. Office 365 seems to be the software for many moving forward, especially in the current circumstances of COVID-19 and working remotely.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    TRIAGE  ·  0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  3. Snare Agent caching for Flat Files

    I would like to see a "counter" for the Flat File monitoring by the SAM agent. I understand that the Snare agent is able to resend the logs by resetting the counter inside the target computer's registry. Can we have this for the Flat File Monitoring as well?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  4. TLS Mutual Authentication for Windows Snare Agent

    Besides plan TLS and TLS Auth, allow TLS Mutual Authentication (where both the agent and destination have certificates and must verify each other).

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable Snare Agent to automatically select a certificate

    The customer must currently select the Certificate to be used.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  6. Snare Agents TLS setting to disable TLS CRL verification

    most common TLS clients (web browsers) don't check CRLs (cert revocation lists) or do soft failure. It would be nice to do the same in SNARE, so that CRL fetch outage doesnt cause logging outage

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  7. Add SNMP support to Snare Central

    SNMP enabled for query on the Snare Server to monitor health of our Snare server.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →
  8. Customisation of Snare logging formats for different event types (especially for Linux) so our SIEM can understand them

    Snare logs when installed on Linux do not send syslog + FIM events in a format that a SIEM like QRadar, Arcsight, AlienVault, Splunk natively understand. This is because the Snare agent re-writes the log. We want to be able to send those logs in their native format or a custom format we choose.This way, we can send Linux logs in their native format and send FIM logs that look different so the SIEM can handle them differently. This is currently why we don't use or recommend Snare for Linux FIM monitoring.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  9. Multiple account available for use with SAM

    The Snare Agent Manager has only a single login available for use. This causes a problem in providing the login to users that you don’t wish to have administrative access to the SAM.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agent Manager  ·  Flag idea as inappropriate…  ·  Admin →
  10. 1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  11. Show how much data is being reflected to a destination on a daily, weekly or monthly type report

    Need to show how much data is being reflected in executive reports. The current Snare Central Reflector page only shows a rolling 24 hour volume.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add multiple networks in batch (import from CSV or just paste a list of networks)

    Allow the user to add multiple networks to the SAM at once, either by importing a list of networks or pasting in a list of networks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agent Manager  ·  Flag idea as inappropriate…  ·  Admin →
  13. Bulk actions - Delete multiple agents from database at once

    Right now if you want to clear out old agents (usually Legacy agents) you have to delete them individually. When you have over 1000 of them it is unworkable. Provide option to "select all" or select all from a filter and do bulk delete on them.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agent Manager  ·  Flag idea as inappropriate…  ·  Admin →
  14. Snare Agent Manager settings to restrict the IP address that accesses the WebUI

    The customer would like to have the same method that we use to restrict access to the WebUI for the Agents added to the SAM.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agent Manager  ·  Flag idea as inappropriate…  ·  Admin →
  15. WebUI Timeout adjustment

    Have the WebUI's timeout changed or have an option to adjust the timeout time

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agent Manager  ·  Flag idea as inappropriate…  ·  Admin →
  16. Implement digital signatures for the Snare Agents

    Many platforms such as Windows include digital signature management for the software thats installed. Snare currently provided several hash formats to validate the software that is installed. The certificate signing uses signature of signing the agent installer and exe files from a trusted certificate authority that the host already has a trusted signed root certificate in its certificate store. This then helps with OS checks such as smart screen on windows to validate that the software was from a known trusted source, was signed using an EV certificate and has a positive reputation from the industry. This will aid in…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Agents  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow the Snare Central Server to set FIPS compliance mode

    Allow the Snare Central Server to enable FIPS compliance mode. This will restrict all encryption methods to only use they approved encryption algorithms.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →
  18. Allow selection of columns in Pattern Map Details

    Pattern Map Details in reports do not allow selection of columns. Certain fields such as DETAILS and STRING are large and take up a large amount of screen estate.

    Although the Tabular details allows inclusion or exclusion of fields the Pattern Map’s details does not allow that customization and shows fields that are not desired.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →
  19. Have option to store logs as uncompressed in Snare Central

    Snare Central does not currently have an option to save logs in an uncompressed format.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →
  20. Have a Deployable version of Snare Central Server in AWS

    We currently provide Snare Central Server as an ISO file. We don’t have a deployable version of Snare Central Server to be deployed in Amazon Web Services (AWS). Not have a deployable Snare Central Server in Amazon Web can affect future business for Threat Intelligence upsells for customers who are wanting a full deployment of Snare Central Servers in the cloud.

    We only provide an ISO file for Snare Server. We don’t have an OVA for AWS. Having a standard deployable OVA Snare Central Server in AWS will be necessary for ALL customers running Snare Central Server in the cloud.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Snare Central  ·  Flag idea as inappropriate…  ·  Admin →

    Thank you for sharing this suggestion. This enhancement is in progress with the Snare Development Team.

    If this is a feature required please contact sales for more info for early access.

    Further updates will be provided when the release is being packaged.

← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base