Symantec Email Security.Cloud needs to get supported. caseid#02755726
We have a REST API connector to make it supported; however, we need to do a cursor reset before the first connection with the API Event URL.
The o365 connector categorization for Azure AD failed authentication is currently categorized with an outcome of Success whereas it should be Failure. Failed logins/Brute Force Logins are appearing as successful logins.
My idea would be to categorize…
The new Microsoft Azure Event Hub connector has a proxy setting however we are told by design the new connector was created to not use a proxy. We would like the ability for the connector to use a proxy for reaching out to the internet to access Azure…
In reference to Support Ticket 01830853 and Change Request 342101, it would be nice that the Microsoft Office 365 Management Activity SmartConnector is able to pull logs from Office 365 GCC - Service Descriptions | Microsoft Learn environments.
Currently the SmartConnector for Microsoft 365 Defender only works with an Access token request with a shared secret.
In our company group it is mandatory that all frontend Azure cloud services use a CA-signed certificate; for that reason we need ArcSight…
Hi,
There is no standard connector or any other method through which we can integrate Oracle OCI. Request: kindly develop a standard connector for Oracle OCI cloud to integrate with ArcSight.
When we create a new report, I wish to see the available list of functions of the Vertica database query with examples or simple syntax examples on the UI so that we don't have to search for it in the Vertica manual.
Request is to have ArcSight SmartConnector support Google Cloud as the Destination (Kafka pub/sub topic).
Currently, SmartConnector only supports AWS S3 and Azure Event Hub as cloud destinations.
GCP is one of the common cloud platforms and there…
Hi,
It is required that SIEM agents support Microsoft modern authentication as standard. However, my company found that the agent message tracing does not support the required authentication and exception security policy is applied for this issue. Risk…
Currently the Defender ATP connector supports incidents, but in some cases it would be good to be able to consume the alerts directly from the endpoints. The below is actually taken from the Splunk integration with Defender ATP but offers a description…
Support for Microsoft Cloud App Security (MCAS) is available through a separate standalone integration available on the ArcSight Marketplace; however, Micro Focus should build out and support collection through their native Microsoft Office 365 Management…
Dear Team,
We need to integrate with AWS Network Firewall logs. Also needed to integrate ArcSight SOAR too.
Our customers want our ArcSight to be added to the list above, just like our competitors Splunk and IBM QRadar. https://aws.amazon.com…
Hi,
As I understand from the MF ArcSight team, there will be a release for the S3 connector to support CloudTrail without going through SNS/SQS configuration using a single AWS account.
Best regards,
Alex Ling
Scenario:
Customer is configuring the Kafka Flex connector and their system uses a SAS method. They saw that there is a place within the Azure information in the flex guide, but I don't see where I put this information when I have an ArcSight Kafka…
Palo Alto Cloud deployment has no customizable syslog string like other Palo products. Also this data lake has an SQL style API to pull logs. Any method for ingesting logs from Cortex besides writing a custom parser would be appreciated.
Please consider MS Azure WAF V1 & V2 log can be handled by smart connector.
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
Customer is considering migrating on-premises WAF to Azure and wants to manage security events…
It would be very good and quite easy if Micro Focus added the documentation on how to add your own flex parsers for this connector so one can reuse this S3 Connector for your own logs. If MF also adds the support of CEF files, then this could be the recommended…
Hello, When will Azure AD Identity Protection alerts be supported? These alerts help the team identify Office365 users that are phished or if their suspicious. https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity…
As far as I know, our ArcSight products cannot be configured for scale up(down)/out(in) on the cloud. So, I would like to request planning for Auto-scaling on the cloud of ArcSight products.
AWS and Azure customers are increasing these days, and…
CEF standard was developed ages ago. Nowadays, there are so many cloud-based log sources which require additional fields. Most of the time we use custom/flex strings, but the number of those are limited and it becomes a mess to maintain all of these across…
Request development, support for Cisco AMP Cloud based REST API Product: https://www.cisco.com/c/en_uk/products/security/amp-for-endpoints/index.html API Schema: https://api-docs.amp.cisco.com/api_resources?api_host=api.amp.cisco.com&api_version=v1
There are so many cloud applications that arcsight is not supported. To collect logs from those, what are the steps to be followed, and in what way can we collect logs to the smartconnector? If the tool supports an API, how do we collect logs via API? Can we convert…