The Logstash ArcSight module enables you to easily integrate with and augment the ArcSight Data Platform (ADP) to explore and visualize data in real time with the Elastic Stack. With a single command, the ArcSight Module taps directly into the ADP data stream, parses and indexes the security events into Elasticsearch, and installs a suite of Kibana dashboards to get you exploring your data immediately. The ArcSight Module is available starting with the Logstash 5.6 release.
This module requires installation of Elasticsearch, Kibana, and Logstash:
Elastic Products: https://www.elastic.co/products
Elastic-ArcSight Integration: https://www.elastic.co/arcsight
Technical Documentation: https://www.elastic.co/guide/en/logstash/current/arcsight-module.html
Security analytics with Elastic Stack and ArcSight together offers the best of both worlds. See more, act faster, secure it all.
This release is packaged with a suite of Kibana dashboards for the network, endpoint, and DNS use cases.
Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox