Can be run on demand via UI, on a schedule, or over the Logger API. Output formats include HTML, PDF, MS Excel, CSV, MS Word, Interactive HTML, XML ..
|Published (Last):||21 July 2017|
Common Event Format (CEF) Configuration Guides
This procedure can be used to activate the plugin and configure the integration. You can also activate the plugin using the traditional method.
If you activate the plugin using the traditional method, the HPE ArcSight Logger – Incident Enrichment integration recognizes the installation and the integration card displays the New button. Proceed to step 5.
The available security integrations appear as a series of cards. The Security Integration screen reloads and the New button for the integration is available.

| Field | Description |
|---|---|
| Name | The name of this configuration. |
| Earliest Result days | The earliest results you want to see in number of days. |
| Max Rows | The maximum number of rows you want to search. |
| All Peers | The default is unchecked and searches only the local logger you are connected to. When checked, it searches all the loggers that are connected to one another. |
| Include raw data samples in search results | Select this to include samples of raw data in your sightings search results. The amount of data returned depends on your setting in the number of rows of raw data property in Security Incident Response properties. |
Configuring this integration activates workflows. To manage the workflows, navigate to the Workflow Editor.