New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE
Highlighted
Vice Admiral
Vice Admiral
728 views

L1-Perimeter Monitoring - Indicators and Warnings

This is the official forum for the discussion of the L1-Perimeter Monitoring - Indicators and Warnings package.

 

The installation/update package will be available from the ArcSight Marketplace. All new and updated Activate Framework packages will be made available on the ArcSight Marketplace (https://marketplace.microfocus.com/arcsight).

 

The documentation is available at https://hpe-sec.com/foswiki/bin/view/ArcSightActivate/L1PerimeterMonitoring.

Labels (1)
2 Replies
Highlighted

Hi Community,

We have downloaded 3 packages from the Market Place (Network Monitoring, Perimeter Monitoring and Malware Monitoring).

We imported the Activate package before importing the 3 packages which is the pre-requisite of the three.
After importing the packages, all the filters from the 3 package only says "false" which returns no events when we try to run it in an active channel.

Are we missing something? Do we need to configure something first?
 
Please see screenshot:
SS - no filter.png
0 Likes
Micro Focus Expert
Micro Focus Expert

You will need to load Activate Product Packages and hook them into the L1 Solution Packages. The instructions for hooking in the Product Packages are on the Activate Wiki. You should find links to this under the Resources section of the Product Packages. Below is a link to how to configure the hooks for the McAfee ePO VirusScan Product Package.

 

https://sec.microfocus.com/foswiki/bin/view/ArcSightActivate/PMcAfeeEpoVirusScan#Content_Hooks_for_Product_Packages

resources.png

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.