enable you collect
forensics data captured by Traps from a central location. From the
page, you can create
rules to manage the following forensics settings:
Agent Settings Rules
Memory dump settings
Specify files settings including a size
for the memory dump and enable Traps to send the memory dump to
the server automatically. This setting only applies to data collected
from prevention events related to protected processes. For more information,
see Define Memory Dump Preferences.
Enable Traps to collect forensic data for
each security event including which files were accessed, modules
that were loaded into memory, URIs that were accessed, and ancestor
processes of the process that triggered the security event. For
more information, see Define Forensics Collection Preferences.