Highlighted
New Member.
858 views

How are you doing baselining in ESM?

All,

I am in the process of creating a presentation about baselining in ESM.

There are several tools available in ESM like query viewers, data monitors, pattern discovery and more.

Would you share your experience with me? Any use case how you utilize various components in ESM for baselining will help me.

If you have sensitive material which needs to be sanitized before being published, then you can also send me a private message and I will take care of removing all customer references from that material.

The more input I get, the more I can give back to you as our very valuable community!

thanks! Till

Labels (2)
0 Likes
Reply
6 Replies
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: How are you doing baselining in ESM?

Hello Till,

that is not so easy because we developed a lot in the past two years and sharing everything would take me weeks.

Could you give us more specific requirements waht you are looking for?

Volker

0 Likes
Reply
Highlighted
New Member.

Re: How are you doing baselining in ESM?

Thanks Volker,

basically I am just collecting field experience what functionality is mostly used for what kind of baselining use case.

If you have something useful to share, than I will give you a call next week to discuss if you don't mind.

regards, Till

0 Likes
Reply
Highlighted
New Member.

Re: How are you doing baselining in ESM?

Let me re-phrase my question to get more input...

  • Baselining with Query Viewers: who is using it for what kind of data / use-case
  • Baselining with Data Monitors: who is using it for what kind of data / use-case
  • Baselining with Pattern Discovery: who is using it for what kind of data / use-case
  • Is anyone using other technologies in ESM  to build baselines? If so which?
0 Likes
Reply
Highlighted
Acclaimed Contributor.. Acclaimed Contributor..
Acclaimed Contributor..

Re: How are you doing baselining in ESM?

Hello Till,

the next two weeks I will be in holiday incl. Defcon in Las Vegas

To your questions:

Baselining with Data Monitors: who is using it for what kind of data / use-case

We have several data monitors in place and we are using also the basic ones from ArcSight.

One we developed on our own to have an hourly overview over our main channels to see the throughput but I just started to develop them and I will do more with them in the future.

Baselining with Pattern Discovery: who is using it for what kind of data / use-case

This part I also want to use more and I will start with it directly after my holiday.

Volker

0 Likes
Reply
Highlighted
Absent Member.
Absent Member.

Re: How are you doing baselining in ESM?

Hi,Till

   

       We developed baseline for business or management, we need to know the customer's specific needs.

       For example, the definition of firewall event baseline, some events need to collect some of the event  firewall, only allows certain clients to access, often access to certain ports, and the customer to check and then define the baseline.

       We can also define the application server to access the traffic and concurrency, the general work in the morning and afternoon traffic when the application server and a few more complicated, lunch time and evening time is relatively small.

      Each basline need to design according to customer's actual situation.If you can give more specific needs, we should also be designed.

    

     

     Troy

0 Likes
Reply
Highlighted
Absent Member.
Absent Member.

Re: How are you doing baselining in ESM?

Hi doy anyone have  any arb that want / or can share about baselines?

Regards

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.