Highlighted
mvarandani Absent Member.
Absent Member.
246 views

Data Feed output from Arcsight

Hello All,

I am new to Arcsight logger, but stuck with some data pull.

1) I am looking for any option whether HTTP Request/Web API or any other option from where I can get the logs from ArcSight for my further usage. I am working on remedy and want to write a connection where any incident log which found by logger automatically raise a ticket in my remedy.

I tried to use webAPI but unable to understand the method of pulling the data for a particular inbuilt arcsight report.

Concerns: As per my understanding using web api

1) I have to first make a session/cookie by passing(username/password) as authentication[LOGIN SERVICE] -> then the authentication give me a session/cookie, which we will have to send with next search report URL which will be used as authentication token to query the arcsight logger [REPORT SERVICE].

Please correct me if I am wrong.

Or

Assist me how I can get the data via Web api URL from the Arcsight

Thanks in advance

Regards

mahendra Varandani

Labels (1)
0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.