
What's New with ArcSight Data Platform!

Security_Guest Frequent Contributor.

Guest post by Viktor Doundakov, Product Manager 

The Micro Focus release of ArcSight Data Platform (ADP) 2.31 is a significant service pack that delivers more than just patches and quality fixes to your Security Operations Center (SOC). It introduces two important new features: data source monitoring and enhancements to the QuickFlex authoring tool.

In this latest release, ArcSight Management Center now lets you monitor the events per second (EPS) throughput coming from your data sources. This makes it easier to detect spikes, as well as a lack of activity that indicates a data source might be down, allowing you to better monitor your log connections.

The QuickFlex authoring tool has been updated to let you verify whether the sample logs from a vendor’s device are CEF-compliant; it adds validations and, in certain cases, allows corrections. This includes validating that CEF header fields and CEF extension field names are correct, changing CEF keys to match the type in the line extensions, verifying field types, and generating a report on the correctness of CEF fields, as well as on the names and changes made to CEF extensions.

These new features in ADP augment several other enhancements made a few months earlier in the ADP 2.30 release that increase the overall scalability and openness of ADP. 

Topping the list of the 2.30 features is the Syslog Collector and Connector in Event Broker, or CEB for short. With CEB you can gain increased speed, scalability, and robustness by moving parsing and normalization processes from collectors and connectors into your Event Broker cluster powered by Kubernetes. 

Additionally, Apache MirrorMaker has been certified to integrate with ArcSight Event Broker, letting you create multi-cluster Event Broker deployment layouts for even more scalability and routing flexibility of your enterprise data flows, as well as additional high availability and disaster recovery options for your data. 

Guest Data entitlement is another example of ADP's openness: it allows you to use your Event Broker environment to pass non-security data through to other sources without impacting your license utilization. Together with the ArcSight SecureData Add-on for ADP added in a previous release, the new Secure Data Re-identification user interface in Logger further helps you with your GDPR privacy efforts, while strengthening your data security posture.

These are just some highlights of the major new features in ADP 2.31 and 2.30. If you want to learn more about these and other new features, talk to your Micro Focus sales rep or contact us directly. Also, watch for upcoming posts that will delve deeper into some of these new enhancements.
