• Arcsight Platform and database

    Hello, do I understand correctly I need setup communal storage on the cloud ? Documentation saying " Communal storage is based on an object store, such as Amazon's S3 bucket in the cloud or a storage device for an on-premises deployment. The database…
  • ArcSight Platform & MinIO

    Hello everybody, I have an interesting problem, maybe someone has encountered this situation and has a solution, or the technical guys from Microfocus/Opentext know the situation and the solution. I tested the reinstallation of the ArcSight Platform…
  • About to Installation of ArcSight Database capability from master.advantageinc.org server

  • Postgres service and manager would not start

    Hello, i mistakenly deleted the files at /opt/arcsight/logger/data/logger and now the ESM manager would not start. It looks like the database is now corrupted. What can i do ?
  • CORRE Engine Storage and Archiving.

    Hi Supporters, I am trying to get close to the storage, I have got that there are two storage groups 1- The event storage group consists of : [ active or original data ---- and the copy online archive data ] [the offline archive data ] 2…
  • Using sqljdbc_auth.dll. in

    Hi There, In Configuring the JDBC Driver and Windows Authentication, I have to push sqljdbc_auth.dll . in $ARCSIGHT_HOME\jre\bin directory What is the benefit of this step ? Is this step is required or there is another alternative step ? Best…
  • Integration With Boldon James (Reporting Server ) with ArcSight

    Hi There, Please any ideas for the techniques to integrate Boldon James with ArcSight .. ? There is a a file \ .evtx located in System32\Winevt\Logs\Classifier.evtx Could I use a Connector to pull from this file directly ?? Or…
  • The problem in viewing for IPAddress fields after running mysql query on ESM RedHat !

    Hi everybody I have access via SSH connection to the ArcSight ESM RedHat host. I want to create a customized dashboard panel with Grafana Dashboard Manager with the Mysql plugin. I configured the "my.cnf" file and granted it to the MySQL ArcSight database…
  • RE: kasper DB connector and sql server 2014

    Hi, The error points to connection issues, check the network port is open , that the User the Connector uses is configured with the appropriate rights and privileges on the Database and that possibly the same User is configured for the OS service used…
  • Stored Procedure - how to write parser for FlexConnector?

    I've searched and looked around for answers on the forums but not come up with anything conclusivly. I need to use a stored procedure to get audit data from a database. Is this possible? The prodecure looks like this and we are using it in MSSQL Studio…
  • Arcsight database pc, starts with errors

    Hello, I want to configure partitions with a command arcsight database pc , but at the time of setting, in step " Specify the number of days that new partititons are created in advance and that past partitions will be retained in database for active use…
  • Howto add OpenEdge driver to the list of JDBC drivers i a flexconnector

    hi I am creating a new database flexconnector, but can't connect to the database from ArcSight. I have created a System DSN that work fine, (can connect) but I am not able to choose the type from the list in ArcSight. What I am looking for is " com.ddtek…
  • ASM Database Free Space is less than 2%

    Hi all, Is there any way to access to the ASM Database to check why we are receiving this warning messages? We know that the storage is near to be full but we don't understand why if we are using the 2 appliances with the same forwarding events and one…
  • DATABASE USE CASE DEVELOPMENT

    Hi Community Members, Recently in a research paper I found two methods to detect intrusion in database, and was wondering how to get it implemented on ESM or Logger. Please suggest any ways to implement the following two intrusion detection methods. Currently…
  • Sophos AV Database log collection

    Hi guys, I'm having issues collecting events from the Sophos AV database. The HPE guide does not tell us which specific database name to collect from, but for starters I tried to add the DatabaseName=SophosSecurity. Didn't receive any logs on the connector…
  • FlexConnector Time-Based caching events

    Hi all, We need to get events from a SQL Database Microsoft Server 2014 enterprise edition and send it to a LOGGER, events are allocated from a file to database at midnight, around one million, so the connector try to get the events and then it put them…
  • Debugging time based database FlexConnector

    Hi folks, Can somebody give me a light here? I'm trying to figure out a way to check the format and current output from "?" used to limit limit a given query in a time based database FlexConn, as shown below in this example query: SELECT time, ipaddr…
  • SailPoint IdentityIQ Integration

    Has anyone had any success pulling in SailPoint IdentityIQ data or SailPoint writing directly to a custom table space on the ArcSight database? Their SailPoint expert and their database guy say they've done this before but I have never heard of someone…
  • MySQL ID Based DB Flex

    Hello All, I had trouble creating the ID based Flex connector for MySQL and saw that there wasn't much support for some of the issues that I ran into. I've created the attached document to layout step by step how to create and install this type of flex…
  • maxid.query "java.sql.SQLException: Invalid column index" for Flexconnector ID database

    Hi All, We have a use case to pull non-PII info from our HR system and get in into an active list. The Oracle database for the HR system is overwritten with new information once a day, so our connector frequency will be set for 24 hours. I am using the…
  • Message did not match the common regular expression,ignoring.. ISSUE

    Hello Everyone! I have create one Timebased DB Flex Connector in which there is one field which i need to parse further, for that I'm using "extraprocessor". I am Getting Error: Message [ XYZ ] did not match the common regular expression [( PQR )], ignoring…
  • Oracle not starting

    Everything was working fine until shutdown of manager and database. Running ESM 5.0.2 with Oracle 11g Manager std.log: ----------------------------- Status: The event connection pool has been initialized successfully. Info: User = 'username' Info: Connection…
  • Database FlexConnector Part Deux!

    So I'm back, again! After getting the last TBDB Flex Connector to work, I'm working on my second and having issues again getting the Query to work right. Here's the properties file: Version.ID=1 query=SELECT h.param3 AS changeType, h.recordid, h.TimeStamp…
  • Database FlexConnectors

    Hey all. I'm still kind of new to ArcSight and have taken off with the out of the box connectors that come with it and seem to be doing well on that end... That being said...I seem to be a little stuck on creating my first FlexConnector. I'm trying to…
  • Identify missing rows in a database table

    Hi, I’m getting the current state of an Oracle database by querying a table. My objective is to identify any changes made to database by comparing the current state to the previous state. I got the addition and modification parts done. But I was wondering…