• Arcsight platform problem in the dashboard

    hello, i just installed the last version of arcsight platform 24.2, the installation was successful, but if i go to one the reports tab it give me a blank page, the soar works fine if anyone has an idea on how to resolve this please
  • Integrate Platform and SOAR to existing SIEM

    Hello, currently I have software version of Logger,ArcMC and ESM on separated servers. If I want to use SOAR and other Arcsight Platform products can I just setup 4th server with CDF and then use for example this config " example-install-config-recon…
  • Scheduled playbook editor in SOAR

    Hello everyone, I've been trying a build a python script through the scheduled playbook editor on the SOAR but I'm facing some difficulties: First, I checked the python interpreter installed on it. import sys print(sys.version) 2.7.3.1-SNAPSHOT (version…
  • Is it possible to make the SOAR use local server files ?

    Hello everyone, I'm trying some configurations where I need the SOAR to use local files and send it to some other parties by mail. Is that possible ? Best Regards, Marty
  • Downloading Arcsight reports with the SOAR

    Hello everyone ! Could you please help me with ideas for a problem I'm currently facing. In our company, we just integrated the SOAR platform. And there are a bunch of tasks that we'd like to automate land the first one is sending the reports to…
  • Trend Micro Integration for ArcSight SOAR

    Hello, I have already owned an old integration code from Trend Micro vendo for Deep Discovery Analyzer. I try to convert or take piece by piece from old code an try to build a plugin for ArcSight according to desired structure in documentatio below. An…
  • Integrate ITSM with ArcSight SOAR

    Integrate ITSM with ArcSight SOAR for create incident update incident and close incident
  • ArcSight SOAR Case

    I use ESM as the Alert Source for SOAR, but the rule in ESM triggers only when the same source Address and URL occur 1000 times within 24 hours, whereas SOAR Case triggers for every single event. Where should I adjust this?
  • Arcsight Platform upgrade

    Hi, We have on premise ArcMC,ESM and Logger. What is best practices to intergrade Platform ? Do I need install ESM and Logger again with Platform deploy or I can use them separately ? I am only need SOAR. Thanks J
  • How to purge all Arcsight soar case ?

    Hi Guys I Had many cases by Lab test,how to purge all Arcsight soar cases ? ArcSight Platform 23.1 ArcSight SOAR 3.5.0
  • ArcSigh SOAR 3.5 or newest (from ArcSight Platform 23.1)

    Hello, Is there any documentation about how to create an advanced playbook in SOAR , how to create custom Integration and how to match that integration with the New created Customization Library? As I see in ArcSight SOAR 3.3 User Guide and 3.3 Integration…
  • SOAR - Email Attachment Puller

    Dear Experts, I have a requirement where we need to listen to new incoming mails with a particular subject line and pull the attachments into SOAR. On the attachments using a few logic we need to capture the source or destination Address and send…
  • Arcsight SOAR can't add "Arcsight Intelligence" Alert source/Integration ?

    Hi Community, I want to add "Arcsight Intelligence" Alert source/Integration,so I follow arcsight-admin-guide-23.1 add the Client ID and Client Secret to the Alert Source /Integration configuration on Intelligence. but test the Alert source/Integration…
  • ArcSight SOAR automation bits "ClassCastException" Error

    Hello, So, we have ArcSight Platform 21.1.0, with ESM 7.5 and the SOAR capability version 3.1; The following Automation Bit is trying to add an item to a List through "atar.listAddItems" method: from java.util import Date listEntry = {} ip_scope_items…
  • ArcSight SOAR - ESM

    Hi Community, I was wondering if SOAR can be installed solely without ArcSight Platform (like download the soar tar file and deploy it), and on the same VM as ESM. Your help is appreciated.
  • SOAR - Logger Query Results Download Question

    When configuring a download from a logger search query done via a playbook or an enrichment triggered from the SOAR. When the results are returned to the SOAR is there a way to assign a value to the download. For example, when clicking a download button…
  • SOAR - Adding action to existing integration

    Is adding action to existing integration supported ? For example, existing PAN firewall integration supports rollback. I would like that capability to be a separate action which can be triggered manually from a case or through a playbook. Is there a…
  • SOAR - Pin Enrichment to case automatically

    I would like to pin an enrichment (Say Event Search) to a Case automatically however I cannot see any option in the guides or configuration to do that.
  • Country field is Unknown in SOAR case event detail.

    Country field is Unknown in SOAR case event detail. However in ESM base event country field detail are properly populating.
  • How can I convert the old .lic license file format to .dat or xml format? (I haven`t any valid support!)

    Hi, I have a valid license file for ESM with the old format type ".lic", And I want to import it to the newly installed SOAR instance. My problem is that I can`t use an old license file format for activating the SOAR instance. I must have a valid…
  • See the code of Out-Of-The-Box actions on SOAR

    Hi team, is there any way in SOAR 3.1 to see the code of an Out-Of-The-Box action (for example, the "Windows - Loggoff" action), to be able to modify it as a new custom automation bit? Thanks!
  • SOAR and "Windows - Logoff" Action on Workflow Playbook

    Hi team! We are configuring a SOAR 3.1 Workflow Playbook with a "Windows - Logoff" Action, but it has a static " Username to logoff " config option that we need to set it with a value from the Alert that has triggered the Playbook. Is there any way…
  • CDF portal user registration page not showing direct login page

    CDF portal user registration page not showing direct login page is coming up. Any idea to re register user with a email id.
  • Introduce me a simpler reference(s) for "ArcSight Platform 21.1 Installation Guide" !

    Hi geeks! I was confused by referring to the document of the " Administration`s Guide for ArcSight Platform 21.1 ". Is there anyone who can guide me or introduce me to a better reference easier and simpler than the steps described in that document?…
  • soar-web-app 3.1.1.1 image missing

    Hello! With the new Intelligence 6.3.0.1 patch, the metadata also got an update, it went all good and everything, except for SOAR. The new meta needs soar-web-app:3.1.1.1 image (current version is 3.1.0.5), which i could not find yet to download, there…