Activate P-Windows (Obsolete)

OpenText OpenText Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

OpenText | OpenText Community

The P-Microsoft Windows package offers an easy way to monitor both host and entity related individual incidents. This package supports L1 & L2 Host Monitoring and L1 & L2 Entity Monitoring Use Cases and User Stories.

1,846 downloads

Description

The P-Microsoft Windows package offers an easy way to monitor both host and entity related individual incidents. Furthermore, it offers the flexibility to integrate the product's events with either Activate L1 Indicator and Monitoring packages or the existing non-Activate contents for further detection and investigation. This package supports the following Use Cases and User Stories:

Host Monitoring

System Errors
System Changes

Entity Monitoring

Account Anomalies
Entity Authentication
Entity Management

Please see the Release Notes for changelog details.

Minimum Requirements

Activate Base- Version 2.5.2.0 and later

Suggested apps

FREE

New

OpenText

Novell Cloud Security Service

OpenText

This Novell Sentinel Collector provides data-capture capabilities for Novell Cloud Security Service and related products.

New

OpenText COMMUNITY

SmartConnector User's Guide

OpenText

Pretty much everything you need to know about collecting events using ArcSight SmartConnectors.

Process

OpenText

This Novell Sentinel Connector allows you to start external processes and capture the output from those processes.

FREE

New

OpenText

NetIQ Self Service Password Reset

OpenText

This NetIQ Sentinel Collector provides data-capture capabilities for NetIQ Self Service Password Reset and related products.

FREE

New

OpenText COMMUNITY

Playbook-Endpoint Investigation - Windows

OpenText

A Playbook for Endpoint Investigation on Windows Platforms

McAfee Network Security Platform

OpenText

This Novell Sentinel Collector provides data-capture capabilities for McAfee Network Security Platform and related products.

FREE

New

OpenText

McAfee Vulnerability Manager

OpenText

This NetIQ Sentinel Collector provides data-capture capabilities for McAfee Vulnerability Manager and related products.

FREE

New

OpenText COMMUNITY

MITRE ATTACK Package for ArcSight Logger

OpenText

The Logger MITRE ATT&CK Package is a set of Logger Searches which let you hunt MITRE ATT&CK related activity.

729

New

Community

Fortify SonarQube Plugin

James Rabon

Fortify SonarQube plug-in allows for importing Fortify scan results from Software Security Center into SonarQube.

1,142

Releases

Release

Size

Date

P-Microsoft Windows 2.1.0.0

72.2 KB

Apr 5, 2019

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0 · 6.9.1

Version 7.0 · 7.2 · 7.3 · 7.1 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

New rule resources added

A Suspicious Process Attempted An Operation On Windows Privilege Object
A Suspicious Process Attempted To Access A Windows Object

Languages

English

Files

(72.2 KB)

P-Microsoft Windows 2.0.0.0

59.8 KB

Nov 13, 2018

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0 · 6.9.1

Version 7.0 · 7.2 · 7.3 · 7.1 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

New rule resources added

Interactive failed Login to Domain Controller Detected
Interactive Successful Login to Domain Controller Detected
Remote Interactive (RDP) Login to Domain Controller Detected

Languages

English

Files

(59.8 KB)

P-Microsoft Windows 1.1.0.3

69.6 KB

Jun 28, 2018

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0 · 6.9.1

Version 7.0 · 7.2 · 7.3 · 7.1 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

This release contains the following:

1) Verified and Fine-tuned Rules and Filter conditions for efficient event evaluation.

2) Included : 'System Audit Policy was Changed'', "DSRM Account Password Change Attempt", "Custom Special Group Logon Tracking" & "A Directory Service Object Was modified" user stories to this release.

Languages

English

Files

(69.6 KB)

P-Microsoft Windows 1.1.0.2

66.5 KB

Feb 7, 2018

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0 · 6.9.1

Release notes

This update includes customization and update packages and minor bug fixes.

Languages

English

Files

(66.5 KB)

P-Microsoft Windows 1.1.0.1

57.2 KB

Mar 31, 2017

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0

Version 7.0 · 7.2 · 7.3 · 7.1 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

MKTP-418 : Updated "User Account Enabled" Filter bug.

Languages

English

Files

(57.2 KB)

P-Microsoft Windows 1.1.0.0

57.3 KB

Mar 30, 2017

More info Less info

Product compatibility

ArcSight ESM

Version 6.8 · 6.11.0

Version 7.0 · 7.2 · 7.3 · 7.1 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

First Release

Languages

English

Files

(57.3 KB)

Resources

Change Log and Discussion Forum

Install Guide

Activate License

Activate Wiki

Activate Framework

Marketplace

Marketplace

Activate P-Windows (Obsolete)

Product compatibility

CATEGORY

Description

Minimum Requirements

Suggested apps

Novell Cloud Security Service

SmartConnector User's Guide

Process

NetIQ Self Service Password Reset

Playbook-Endpoint Investigation - Windows

McAfee Network Security Platform

McAfee Vulnerability Manager

MITRE ATTACK Package for ArcSight Logger

Fortify SonarQube Plugin

Releases

Resources

Sign in

Marketplace

Activate P-Windows (Obsolete)

App Support Tiers

Product compatibility

CATEGORY

Description

Minimum Requirements

Suggested apps

Novell Cloud Security Service

SmartConnector User's Guide

Process

NetIQ Self Service Password Reset

Playbook-Endpoint Investigation - Windows

McAfee Network Security Platform

McAfee Vulnerability Manager

MITRE ATTACK Package for ArcSight Logger

Fortify SonarQube Plugin

Releases

Resources

Unsubscribe from notifications

Marketplace Terms of Service

Your download has begun