or@we-can.co.il1 Absent Member.

ArcSight & Ayehu eyeShare Automation - by We-Ankor

Hello everyone,

We, at We-Ankor (formerly We!), have started working with a company named Ayehu.

For those who are not familiar, Ayehu develops an extremely flexible automation framework called 'eyeShare' that can be used to automate anything, from simple scheduled routines to complex incident response procedures based on triggers.

We built a bi-directional integration between ArcSight and eyeShare that works as follows:

  1. A rule (any rule) is triggered at ArcSight.
  2. The rule sends an e-mail (or SNMP/Syslog/etc.) to eyeShare.
  3. When eyeShare receives that information, it parses the data, understands which rule was triggered, and starts a response procedure according to a defined set of workflows that can be created and customized.
  4. When the response procedure is complete, or on selected stages along the way, it returns information back to ArcSight.

Using this automation, we were able to shorten incident response processes for many scenarios from days to minutes, freeing time for operators and analysts to investigate new information.

Please view the following presentation showing a few key concepts and use cases:

http://www.slideshare.net/cohen88or/hp-arcsight-ayehu-eyeshare-security-automation

Feel free to contact me for more information.

Regards,

Or.
