Highlighted
Honored Contributor.
Honored Contributor.
703 views

L1-Perimeter Monitoring - Indicators and Warnings

This is the official forum for the discussion of the L1-Perimeter Monitoring - Indicators and Warnings package.

 

The installation/update package will be available from the ArcSight Marketplace. All new and updated Activate Framework packages will be made available on the ArcSight Marketplace (https://marketplace.microfocus.com/arcsight).

 

The documentation is available at https://hpe-sec.com/foswiki/bin/view/ArcSightActivate/L1PerimeterMonitoring.

Labels (1)
2 Replies
Highlighted
Respected Contributor.
Respected Contributor.

Hi Community,

We have downloaded 3 packages from the Market Place (Network Monitoring, Perimeter Monitoring and Malware Monitoring).

We imported the Activate package before importing the 3 packages which is the pre-requisite of the three.
After importing the packages, all the filters from the 3 package only says "false" which returns no events when we try to run it in an active channel.

Are we missing something? Do we need to configure something first?
 
Please see screenshot:
SS - no filter.png
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

You will need to load Activate Product Packages and hook them into the L1 Solution Packages. The instructions for hooking in the Product Packages are on the Activate Wiki. You should find links to this under the Resources section of the Product Packages. Below is a link to how to configure the hooks for the McAfee ePO VirusScan Product Package.

 

https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/PMcAfeeEpoVirusScan#Content_Hooks_for_Product_Packages

resources.png

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.