${resource:CF_GenericContent}test

If an answer to your question is correct, click on "Verify Answer" under the "More" button.  The answer will now appear with a checkmark.  Please be sure to always mark answers that resolve your issue as verified.  Your fellow Community members will appreciate it!  Learn more.

  • State Not Answered
  • Replies replies
    3
  • Subscribers subscribers
    27
  • Views views
    593
  • Users 0 members are here

DarkTrace Integration to ArcSight

Gracie Emmanuel

Hi All ArcSight users

Are there any configuration guides from Microfocus for DarkTrace? Despite searching extensively, I haven't been able to locate any documentation from Micro Focus regarding this product. We recently tried integrating DarkTrace Email Security into ArcSight via Syslog, sending the output in CEF format. Unfortunately, this integration didn't function correctly, and the logs were truncated.  Has anyone integrated this product with ArcSight, and if so, what integration method did you use?

Parents
  • 0

    Hi,

    In our deployment we used CEF- Darktrace supports it. But like Vitz said, sometimes it is hit and miss on what the vendor exports or gives you the information. 

    Just make sure you export all the events - as sometimes you also need to define which alerts will be exported. And it works for the most part. Make sure to include the Cyber AI analyst events as well as model breaches. For any real investigations you would need to revert back to Darktrace. 

    BR

    S

Reply
  • 0

    Hi,

    In our deployment we used CEF- Darktrace supports it. But like Vitz said, sometimes it is hit and miss on what the vendor exports or gives you the information. 

    Just make sure you export all the events - as sometimes you also need to define which alerts will be exported. And it works for the most part. Make sure to include the Cyber AI analyst events as well as model breaches. For any real investigations you would need to revert back to Darktrace. 

    BR

    S

Children
No Data

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Cookies Preferences
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.