Popular Tags

  • CEF event with syslog header gets device addres/hostname parsed wrong if CEF has dvc=entry

    Hello, we have CheckPoint firewalls sending events over syslog in CEF format. Problem is, that events has also the SYSLOG header containing deviceAddress. For ChceckPoints Identity Awareness events gets generated like this: Jan 13 14:25:36 xx.xx.xx…

  • Cisco Firepower Integration with ArcSight

    Hi Dears, We need to integrate FirePower FMC version 6.3. with ArcSight What is the techniques to do that? Is there any guidelines or documents to do this ? Thanks in advance Regards, Hany

  • Imperva CEF, fields are not full

    Hi Everyone. I installed Syslog Daemon SmartConnector v 7.3.0. I have Imperva sending its Logs in CEF syslog. I noticed that some parts of string in some fields are cut, for example in Device Custom String 4, Device Custom String 5. Below, Raw event and…

  • ArcSight CaseXML 1.2 FlexConnector

    FlexConnector I wrote in 5 days after learning XML, DTDs, and XML Flexconnectors, for an immediate need to transform Case information into CEF and send the results to an external ticketing system. [pdf-att]/home/lithium/migration/hp_protect724/mnt/jive_persist…
    • ArcSight_CaseXML_1.2_Flex.pdf
    • View

  • About BlueCoat Ssl Visibility CEF Syslog Support?

    Hi, Does anynone integrated bluecoat ssl visibility product with arcsight ? i want to know, ssl visibility product support or unsupport cef syslog? Please tell me, how can i integrate with ssl visibility? i dont see any documentation on protech7-24 forum…

Resources

Support
Documentation
Learning Services
Partner Programs
Privacy
Compliance
Help
Company
Privacy Policy
Terms of Use
Cookies Preferences
Accessibility
Anti-Slavery Statement
Support
Contact Us
Careers
Code of Business Conduct and Ethics
The opinions expressed above are the personal opinions of the authors, not of OpenText. By using this site, you accept the Terms of Use. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.), Hewlett Packard Enterprise Company, or Micro Focus. As of January 31, 2023, the Material is now offered by OpenText, a separately owned and operated company. Any reference to the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks is historical in nature and the HP, Hewlett Packard Enterprise/HPE, and Micro Focus marks are the property of their respective owners.