Logstash ArcSight Module

122418

Elastic Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

Elastic | Community

The Logstash ArcSight module enables you to easily integrate with the ArcSight Data Platform (ADP) to explore and visualize data in real-time with the Elastic Stack.

441 downloads

Product compatibility

Description

Note: The ArcSight Module is an X-Pack feature under the Elastic Basic License and is, therefore, free to use. Please contact arcsight@elastic.co for questions or more information.

The Logstash ArcSight module enables you to easily integrate with and augment the ArcSight Data Platform (ADP) to explore and visualize data in real-time with the Elastic Stack. With a single command, the ArcSight Module taps directly into the ADP data stream, parses and indexes the security events into Elasticsearch, and installs a suite of Kibana dashboards to get you exploring your data immediately. The ArcSight Module is available starting with the Logstash 5.6 release.

This module requires the installation of Elasticsearch, Kibana, and Logstash:

Elastic Products: https://www.elastic.co/products
Elastic-ArcSight Integration: https://www.elastic.co/arcsight
Technical Documentation: https://www.elastic.co/guide/en/logstash/current/arcsight-module.html