New Ranks & Badges For The Community!
Notice something different? The ranks and associated badges have gone "Star Fleet". See what they all mean HERE
Highlighted
Fleet Admiral
Fleet Admiral
1833 views

Unofficial RT Ticketing Integration for ArcSight ESM released

Even though freetime wasn't exactly on my side the last few weeks, i managed to compile the initial version of the ESM integration with Request Tracker.

As a part of the ongoing community integrations, where the community can request certain integrations to be added to the ESM by other community members, the first version of the RT Ticketing System integration has been released, as requested by @Frenjd

More information about RT can be found Here.

The initial release comes with functionality to automatic create tickets in RT based on rule actions or manual integration commands in the ESM Console, and documentation on how to install and configure it.

It also supports mapping any information from the correlated event to the ticket created through the basic but easy to use template system.

It has now undergone testing, and following the documentation will now get you from start to finish without issues.

As an initial release, it also means that while all functionality might be in place, there is always room for improvements, some of them would be:

  • Adding new events to existing tickets (Almost done)
  • Proper logging and configurable logging directory.
  • Better templating, or support for multiple template files.
  • Better error checking on API requests.
  • Debug mode.
  • Better README format, better explanations and proof reading.

If you want to try it out, but do not have a RT test environment, a complete finished RT image exists for docker here (which is what i used while developing the integration, so it works just fine!):

https://hub.docker.com/r/netsandbox/request-tracker/

If there is any questions, issues, feedback or anything else, do not hesitate to post it either here, or in a github issue for the project. Contributions through PR's are always welcome as well!

The files and documentation can be found at the current location:

https://github.com/arcsight-unofficial/arcsight-esm-requesttracker

PS: All new and cool integrations will also be released on the arcsight-unofficial github, so follow it to keep yourself up 2 date! Anything i upload there will also be posted here in this community.

-----------------------------------------------------------------------------------------
All topics and replies made is based on my personal opinion, viewpoint and experience, it does not represent the viewpoints of MicroFocus.
All replies is based on best effort, and can not be taken as official support replies.
//Marius
1 Reply
Highlighted
Cadet 1st Class
Cadet 1st Class

Thank you for your effort so far, i have search and search this is the only material on integration Arcsight with RTIR. though i try following the steps on the guide and i got some error i don't know if you can help me with any more guide or to direct me on what to do.

Thank you in anticipation.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.