The Logstash ArcSight module enables you to easily integrate with and augment the ArcSight Data Platform (ADP) to explore and visualize data in real time with the Elastic Stack. With a single command, the ArcSight Module taps directly into the ADP data stream, parses and indexes the security events into Elasticsearch, and installs a suite of Kibana dashboards to get you exploring your data immediately. The ArcSight Module is available starting with the Logstash 5.6 release.
This module requires installation of Elasticsearch, Kibana, and Logstash:
Elastic Products: https://www.elastic.co/products
Elastic-ArcSight Integration: https://www.elastic.co/arcsight
Technical Documentation: https://www.elastic.co/guide/en/logstash/current/arcsight-module.html
Security analytics with Elastic Stack and ArcSight together offers the best of both worlds. See more, act faster, secure it all.
This release is packaged with a suite of Kibana dashboards for the network, endpoint, and DNS use cases.