Security

last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Back to discussions
Expand all | Collapse all

CPPM integration with SIEM - HP Arcsight

This thread has been viewed 4 times

  • 1.  CPPM integration with SIEM - HP Arcsight

    Posted Oct 25, 2015 05:27 AM

    We have HP Arcsight and want to integrate it CPPM to collect logs.Please help with any solution document or any procedure where I can successfully deploy it.



  • 2.  RE: CPPM integration with SIEM - HP Arcsight
    Best Answer

    Posted Oct 25, 2015 06:47 AM

    a simple google for: hp arcsight clearpass turns up:

     

    https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_ViewDetails/Default.aspx?EntryId=13860



  • 3.  RE: CPPM integration with SIEM - HP Arcsight

    Posted Oct 25, 2015 07:28 AM

    thanks for the prompt help and support



  • 4.  RE: CPPM integration with SIEM - HP Arcsight

    Posted Oct 26, 2015 11:39 AM

    Let me add a little extra info, also the technote posted is only for Logger, below I discuss ESM.....

     

    SInce the acquisition I've been driving the integration (and this will continue over the next few months) for CPPM and ArcSight. 

     

    The first action i had to achieve was to get CPPM ArcSight certified. We had previously released CEF syslog format but after working with the arcsight team over at HP we had a few issues related to field-mapping and formatting. As of the next CPPM patch 6.5.4 which we will release this week we have completed all of the changes requested by the arcsight team, so that means we will soon have the CEF Certified Logo - Yippeeeee....

     

    Over the next few months you'll see additional integration features from me as we work closer with the arcsight team.