• ArcSight ESM, logs getting

    Hello everybody. I am new to this field of activity. Please tell me, I have a task to get system logs (any) from one Linux system to another (where ArcSight is installed). Of the available tools, I only have the SuperConnector, which contains only the…
  • RE: Forwarding connector not working with Logger 7.0

    Hi there, Try these two steps: 1) Reimport the certificate from Logger into the forwarding connector cacerts file 2) edit agent.properties on the forwarding connector and add the line: ssl.protocols=TLSv1.2 3) Restart the forwarding connector This error…
  • Super Connector Installation Not Working

    Hi All, I had a problem when i try to install superconnector ArcSight-7.0.7.7286.0-SuperConnector-Linux64 in my centos 6.8 connector server today. I got error : ./ArcSight-7.0.7.7286.0-SuperConnector-Linux64.bin: line 3319: /tmp/install.dir.19029/Linux…
  • Installing two forwarding connectors on the same ESM

    Hi, I am trying to install two forwarding connectors on the same ESM. Reason for this is we want to apply a different set of filters for the different destinations. The only issue I run into is a service name conflict. I just need to rename the existing…
  • Number of waiting events is too large

    Hi, On my logger forwarding connector i'm having alot of these messages: [2016-02-15 15:24:15,885][INFO ][default.com.arcsight.agent.ug.i$b_][addBatch] Number of waiting events is too large [5093], so stalling incoming sender for [false|0||] (stalled…
  • ArcSight ESM Forwarding Connector Options for CSV File

    Hello! Does anyone know if there are any other, possibly hidden, options for configuring the Forwarding Connector when using the "csvfolder" options? The only options I am aware of (based on the configuration string) for each CSV destination, relevant…
  • Disabling of Pulling of Base Events Through Forwarded Correlated Events

    Hi All, We are working on ESM 6.8c where we have installed a SuperConnector(7.0.1.6992.0) to forward the correlated events to the other ESM, but as we have a requirement where we don't want to pull the base events Attacker Address from the forwarded Correlated…
  • Is it possible to use a fowarding connector to send logs from ESM to an Oracle DB?

    Hi, Has anyone ever tried to send logs from ESM to an Oracle database? Would it be possible to use a forwarding connector to do so? Thank you. Victoria
  • Using forwarding connector to send logs to ESM and Logger destination

    Dear Friends, We have a ESM and logger in 2 Datacentres. Our environment requires logs from different locations to be forwarded to both the datacentre simultaneously i;e 4 destinations for each smart-connector. Since we have bandwidth limitation between…
  • Logger CEF Log Forwarder to Express Issue

    Hi Friends, Here is the deployment scenario: Device sending (CEF) Logs --> Logger UDP 514 Receiver --> Logger CEF Forwarder --> ESM Destination (ArcSight Express) Working Fine Working Not Working No Logs sent. So the logs are not getting forwarded (CEF…
  • HP OM integration issue.

    Hi All, We have integrated HP OM with arcsight ESM 6.0c using the forwarding connector version 5.1.2. All the steps as per the configuration guide were followed, however when forwarding the SNMP traps the connector is pushing all the logs from the Manager…
  • Forwarding connector not showing in Console

    I am running ArcSight Express and I have a forwarding connector installed and writing some events to a CSV. This connector showed in the Console initially. The connector is still functioning but it is not listed in the Console. Therefore, I cannot manage…
  • Installing forwarding connector on ESM6.5SP1 running redhat 6.2

    Hi, Currently I have an ESM 6.5SP1 running version 6.2 of redhat and I'm trying to install a forwarding connector (superconnector) that works on it. I read the release notes and it says that this connector is only compatible with redhat version 6.5, so…
  • Logger forwarder connector stops working

    Hi everyone, from time to time (every week or so) the forwarding connector in our logger appliance (v5.1.0.5887.0) stops sending events. After it is restarted, all delayed events are forwarded to our Express. Has anyone suffered the same situation? Regards…
  • CEF Forwaring Connector not Forwading

    I've setup a Forwarding Connector (5.2.7.6582.0) on an Arcsight Express 7506 per the Config Guide. I'm attempting to forward Correlated events to a downstream TCP listener. I can tell the connection is being made to the listener, but nothing is being…