Enable HIDS on SEPM 12.1.6

I need a solution


Currently using SEPM 12.1.6 MP9

Enviornment : Windows

I have a requirement to install Host Intrusion Detection System(HIDS) on the windows servers. How and where do I enable this features in SEPM ? I also need a document referring to enabling HIDS if Symantec has one.





Custom DSM not collecting Events – stull coming up as Generic

I created a Custom DSM for Sourcefire Connection Policies. I have completed all the mapping – the instructions should state that the Regex needs to be Java and not PCRE. Subtle differences, but important. I have Log Source setup for the device name and IP address in the Log Source Identifier, but the Log are still coming in as SIM Generic Log DSM 7. I disabled the snort log collectors hoping that would kick something to no avail. I have even pushed a full config. Any thoughts on troubleshooting a new cusom DSM that is not parsing the logs? My version: 7.3.0 Build 20171107151332