
Logstash ArcSight Module

Elastic Community

The Logstash ArcSight module enables you to easily integrate with the ArcSight Data Platform (ADP) to explore and visualize data in real time with the Elastic Stack.
71 downloads

Description

Note: The ArcSight Module is an X-Pack feature under the Elastic Basic License and is therefore free to use. Please contact arcsight@elastic.co for questions or more information.

The Logstash ArcSight module enables you to easily integrate with and augment the ArcSight Data Platform (ADP) to explore and visualize data in real time with the Elastic Stack. With a single command, the ArcSight Module taps directly into the ADP data stream, parses and indexes the security events into Elasticsearch, and installs a suite of Kibana dashboards to get you exploring your data immediately. The ArcSight Module is available starting with the Logstash 5.6 release.

This module requires installation of Elasticsearch, Kibana, and Logstash:

Elastic Products: https://www.elastic.co/products
Elastic-ArcSight Integration: https://www.elastic.co/arcsight
Technical Documentation: https://www.elastic.co/guide/en/logstash/current/arcsight-module.html

Releases

Release: Logstash ArcSight Module 5.6
Size: 956.9 KB
Date: Sep 5, 2017
Product Compatibility
SmartConnector
Version 7.7.8036 · 7.3 · 7.4 · 7.5 · 7.6
Version 1.0
Data Platform (ADP)
Version 1.0
Version 2.0
Event Broker
Version 1.0
Release Notes

Security analytics with Elastic Stack and ArcSight together offers the best of both worlds. See more, act faster, secure it all.

This release is packaged with a suite of Kibana dashboards for the network, endpoint, and DNS use cases.

Languages
English
