ArcMc shows the devices that are reporting, in the summary dashboard. The Topology and Deployment Views also show Source, Processor, Destination
In preparation for a data center relocation, we need to identify all Log Originating devices that are…
To create a MIB file for Logger hardware that outputs SNMP trap alerts with the following:
2022/11/13 14:00:00 SGT
Alert:deviceHostName=Hostname.sample
deviceIPAddress=IPaddress.sample deviceProduct=Product.sample
deviceVendor=Vendor.sample
cause…
JUNOS Syslog parsing issue - ArcSight support have advised they only support up to 14.2 and have directed me here.
My question is if JUNOS 15 has been out since 2016 and the last ArcSight certified version up to 14.2 (no longer supported by Juniper…
Hi!
I'd like to suggest having built-in categorization for products such as eDirectory, ZENworks, OES (NSS), Filr etc. These are MF products which support CEF logging, so categorization would be useful for at least security-related events.
Regards…
This idea is to modify the MISP MIC to produce IoCs to a THub topic. With these in THub, the ArcSight portfolio can consume these from a central location. ESM would consume these IoCs and populate Active Lists. Recon would consume them and populate Lookup…
Hello,
Will ArcSight support the below-mentioned Cortex Data Lake cipher suites?
=========================================================
What CDL supports:
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384…
Bulk deletion of the default certs that get shipped with ArcSight Logger. A few are OK, but why so many, and why delete only one at a time? Maybe a script can also be used.
Hi, we still encounter problems with RFC5424 logs which include comments inside a structured data field. Those comments are encapsulated with quotes and therefore these quotes get escaped, e.g. eventType="PAM:session_closed for acct=\"root\"" It may also…
First, great work on including the Office ATP events in the Office 365 7.15 connector. I was almost done with my flex connector when that was released on 4/30. One enhancement we implemented (see map file below) was we crafted a URL that will…