Note:
The Command Center provides an easier way to search events in ESM and ArcSight Logger than integration commands.
Refer to the Searches topic in the ArcSight Command Center User’s Guide for more information on setting up Logger peers and performing searches on those peers.
You can use either of these approaches for setting up the Logger searches:
Configure target and authentication details before the commands are run (for example, a single administrator specifies Logger targets, users, and command parameter values). For this workflow, follow the steps below to:
1. Set Up Logger Command Targets,
Configure commands at command runtime (for example, if you launch a command based on an active channel selection and fill in the target appliance IP address, authentication token, and parameter values on-the-fly).
If you have not pre-configured the command details, you are prompted to enter the right values when you run the commands. Information on how to run integration commands, see Running Integration Commands. (This topic includes information about running commands and entering/saving parameter values at command runtime.)
To enable pre-configured ArcSight Logger searches from the ArcSight Console, follow these steps.