Sending Argus Data to ArcSight
Dave Edelman
dedelman at iname.com
Sun Nov 25 17:20:15 EST 2012
John,
I have quite of bit of data that I collect and process using Argus and the clients and some of that ends up in CEF format for ingestion by ArcSight. I don’t have any SmartConnectors that deal directly with Argus data.
It would be helpful to have a few more details about the type of data you would be sending to ArcSight and even more important than that, how you would be using the data. SIEM products frequently end up being repositories for huge amounts of data and miniscule amounts of information if they don’t have adult supervision.
--Dave
From: argus-info-bounces+dedelman=iname.com at lists.andrew.cmu.edu [mailto:argus-info-bounces+dedelman=iname.com at lists.andrew.cmu.edu] On Behalf Of John Kennedy
Sent: Wednesday, November 21, 2012 2:14 PM
To: Argus
Subject: [ARGUS] Sending Argus Data to ArcSight
All,
Does anyone have any experience setting up an ArcSight SmartConnector for Argus? I am curious how it is working out in your environment as well as if there is any impact to ArcSight.
Thanks
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20121125/160a6ca3/attachment.html>
More information about the argus
mailing list