Really hoping someone will be able to assist us here or maybe someone has already accomplished this. Any help would be very much appreciated!!
I am looking for a way to create an "Active Alert," to alert our organization immediately if any of our nodes see traffic traversing particular ports. This can be either by Port Number or Application Name. I have tried it a couple of ways, but cannot seem to get any data or see the right parameters that, I think, need to be set. Maybe I am missing something here or there just isn't a way to accomplish this.
Specific Ports/APP:
16992 Intel(R) AMT SOAP/HTTP
16993 Intel(R) AMT SOAP/HTTPS
NTA 4.1.2 NPM 12/0
THANK YOU in advance!