Standard Content Guide for ArcSight Express v4.0

3 Likes

A complete catalog of the standard content use cases available for ArcSight Express v4.0: Cisco Monitoring, Device Monitoring, Windows Monitoring, NetFlow Monitoring, Operations, Security and Threat.

Labels:

Archives
Comment List
Anonymous
Parents
  • Hi, Steven,

    Wanted to respond to this after checking with the team. The Microsoft Windows Event Log- Unified SmartConnector parser version can be configured, but it is an operation that should be done with the guidance of ArcSight Customer Support in order to avoid unwanted results. We recommend that anyone following along at home consult first with ArcSight Customer Support for the full context of when and how to modify Microsoft Windows Event Log- Unified SmartConnector parser versions.

    Out of the box with ArcSight Express, the Microsoft Windows Monitoring content is triggered by Microsoft Windows events from the Microsoft Windows Event Log- Unified SmartConnector with parser version 1. For ArcSight Express 4.0, make sure this SmartConnector is installed and configured.

Comment
  • Hi, Steven,

    Wanted to respond to this after checking with the team. The Microsoft Windows Event Log- Unified SmartConnector parser version can be configured, but it is an operation that should be done with the guidance of ArcSight Customer Support in order to avoid unwanted results. We recommend that anyone following along at home consult first with ArcSight Customer Support for the full context of when and how to modify Microsoft Windows Event Log- Unified SmartConnector parser versions.

    Out of the box with ArcSight Express, the Microsoft Windows Monitoring content is triggered by Microsoft Windows events from the Microsoft Windows Event Log- Unified SmartConnector with parser version 1. For ArcSight Express 4.0, make sure this SmartConnector is installed and configured.

Children
No Data
Related Discussions
Recommended