jharanag Absent Member.
Absent Member.
308 views

no result found in a arcsight logger search

hey guys i am training in arcsight logger and whenever i put a search query the result is "no result found".

so could anyone say what is the problem and it would be great to know answer too

i have also attach a print screen of it

Labels (1)
Tags (1)
0 Likes
12 Replies
sujansures Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

Hi ​,

What you actually wanted to search? if this is the case then there might be no logs corresponding to this search, may be! For every search you will be getting the list of available logs, try drilling down from that.

Regards,

0 Likes
jharanag Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

actually we are trying a trial version and for every search the result is same

0 Likes
sujansures Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

​ are you getting live logs..?

0 Likes
jharanag Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

you mean the one in analyze option?

whenever i tried that it says unexpected error occur

0 Likes
Highlighted
sujansures Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

Hi ​,

Then make sure the devices you have integrated are proper. Kindly check whether you have also enabled the agent in the logger so that it will get the logs from the smart connector..? check for it..!

in configure --> Manage Connector you will find the option to add one.

Make sure you have added.

Regards

0 Likes
jharanag Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

thank you ​ for your solution

0 Likes
jharanag Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

dear actually i am running a trial version and i dont think your solution is supported in it......

any other solution pls

0 Likes
sujansures Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

​ you can actually do this in your logger. Even I was having a trial logger actually. Make sure you have enabled that particular connector host in the logger (mainly un-checking the checkbox 'X') so that it can get the logs. If not, assuming you have installed a SC locally in a windows machine try checking it.

But before everything iptables, selinux and firewall has to be disabled in your linux machine buddy

Regards

Sujan

0 Likes
jharanag Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

do you have any idea about this suggestion?

0 Likes
gyan.tamang Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

right now we haven't used the any connector, we are just try to see the evenst of login and log failed in the logger, at the time of installation completions, some events are shows but right now none of events are shown, is it possible to see the login and failed events without using the smart connectors?

0 Likes
Acclaimed Contributor.. Shaun Acclaimed Contributor..
Acclaimed Contributor..

Re: no result found in a arcsight logger search

try a simple query: _storageGroup IN ["Internal Event Storage Group"]

0 Likes
gyan.tamang Absent Member.
Absent Member.

Re: no result found in a arcsight logger search

i think there is problem with receiver, this is the snapshot of dashboard

Capture.JPG

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.