Brute Force Attack Security Use Case Guide



Updated branding only, no change to content

How to install, configure, and use the Antivirus Monitoring security use case version 1.0.

You can download this use case from the ArcSight Marketplace portal under the Classic Packages category:


Security Use Cases
Comment List
  • Hey Pushpendra,

    This is documentation for the Brute Force Attack package in the Classic Packages category on the ArcSight Marketplace, it is not one of the Activate Packages.

    The Classic Packages category contains updates and repackagings of the original ArcSight Foundation content that shipped with ArcSight ESM prior to ESM v6.9. All the use cases there are either already migrated to Activate, or are in the process of being migrated.

    The Brute Force Attacks for accounts is part of the upcoming Activate User Monitoring packages release, which is still in development and testing (working drafts of L1-User Monitoring documentation and L2-User Monitoring documentation are currently available on the Activate Wiki).

    Hope this helps,



    Prentice S. Hayes
    Product Management, ArcSight | Connectors
    Micro Focus

  • It says that "How to install, configure, and use the Brute Force Attack security use case version 1.1"

    However, I could not find anywhere version 1.1 as mentioned. Also I see no update in the document as mentioned by Jane Mulcaster on Oct 6, 2016. Can anyone tell where is latest of 1.1 ?

    Also I have a question that there used to be brute force contents by default in fresh ESM installations but its not there anymore since ESM 6.9, Can you please confirm which activate package those brute force contents/usecase is moved to? Or this is the package which is build to replace those default contents ?



Related Discussions