Illusive and Micro Focus have partnered on this joint solution to allow native ingestion of syslog from Illusive into ArcSight. The Illusive syslog messages are parsed into the proper ArcSight fields.
Important use cases supported by this integration:
Allows customers to natively create the recommended alarms per the Illusive SIEM guide.
Provides all of the critical incident information to analysts to allow efficient triage.
Ability to use the default out-of-the-box rule sets within ArcSight.
Configure custom rules specific to Illusive.
Ability to aggregate multiple events within a single alarm.
Provide meaningful data when alarms trigger.
Ability to customize and stack events together using source host/IP or by incident type.