L1-Perimeter Monitoring - Indicators and Warnings

This is the official forum for the discussion of the L1-Perimeter Monitoring - Indicators and Warnings package.

 

The installation/update package will be available from the ArcSight Marketplace. All new and updated Activate Framework packages will be made available on the ArcSight Marketplace (https://marketplace.microfocus.com/arcsight).

 

The documentation is available at https://hpe-sec.com/foswiki/bin/view/ArcSightActivate/L1PerimeterMonitoring.

Parents
  • Hi Community,

    We have downloaded 3 packages from the Market Place (Network Monitoring, Perimeter Monitoring and Malware Monitoring).

    We imported the Activate package before importing the 3 packages which is the pre-requisite of the three.
    After importing the packages, all the filters from the 3 package only says "false" which returns no events when we try to run it in an active channel.

    Are we missing something? Do we need to configure something first?
     
    Please see screenshot:
    SS - no filter.png
Reply
  • Hi Community,

    We have downloaded 3 packages from the Market Place (Network Monitoring, Perimeter Monitoring and Malware Monitoring).

    We imported the Activate package before importing the 3 packages which is the pre-requisite of the three.
    After importing the packages, all the filters from the 3 package only says "false" which returns no events when we try to run it in an active channel.

    Are we missing something? Do we need to configure something first?
     
    Please see screenshot:
    SS - no filter.png
Children