Description

To support newer device versions and to fix parser issues quickly, the connector framework and connector parser updates are now delivered as separate releases. The connector parser update releases will be released monthly on ArcSight Marketplace.

You can download parser releases to your workstation to be applied on standalone connectors, or, starting with ArcSight Management Center (ArcMC) version 2.7.0, for ease of upgrade and integration of locally/remotely managed connectors, you can use ArcMC to retrieve parser updates directly from ArcSight Marketplace.

Each connector parser release is supported and certified with a specific connector framework release.

Minimum Requirements


  • For details refer to the release notes.

Suggested apps

Suggested for you are based on app category, product compatibility, popularity, rating and newness. Some apps may not show based on entitlements. Learn more about entitlements.

Releases

Release
Size
Date
ArcSight-8.1.3.8422.0-ConnectorParsers.aup 8.1.3.8422.0
15.3 MB
  |  
Feb 19, 2021
More info Less info
Product compatibility
ESM
Version 7.0 · 7.1 · 7.2 · 7.3 · 7.4
SmartConnector
Version 8.1
Transformation Hub
Version 3.0 · 3.1 · 3.2 · 3.3 · 3.4
Management Center (ArcMC)
Version 2.7 · 2.8 · 2.9
Release notes

8.1.3.8422.0 version information

Note: This file includes the latest parser updates of the SmartConnectors currently supported and the latest unobfuscated cloud map files. The reference file name is ArcSight-ConnectorUnobfuscatedParsers- 8.1.3.8422.0.zip. To obtain more information, go to softwaresupport.softwaregrp.com

SmartConnectors Support Recently added:

  • Syslog NG Daemon, added support for Checkpoint Gaia OS Syslog.
  • All SmartConnectors, added support fora a new type of Arbor logs.

Fixed issues and Enhancements:

  • Amazon Web Services CloudTrail
  • Cisco ASA Syslog
  • Cisco NX-OS Syslog
  • Cisco Wireless LAN Controller Syslog
  • HPE OpenVMS File
  • IBM AIX Audit Syslog
  • MS Windows Event Log Native
  • MS Windows Event Log Native Security Event Mappings
  • Symantec Endpoint Protection DB
  • UNIX OS Syslog

For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English
ArcSight-8.1.2.8416.0-ConnectorParsers.aup 8.1.2.8416.0
15.2 MB
  |  
Jan 22, 2021
More info Less info
Product compatibility
ESM
Version 7.0 · 7.1 · 7.2 · 7.3 · 7.4
SmartConnector
Version 8.1
Management Center (ArcMC)
Version 2.7 · 2.8 · 2.9
Release notes

8.1.2.8416.0 version information

Note: This file includes the latest parser updates of the SmartConnectors currently supported and the latest unobfuscated cloud map files. The reference file name is ArcSight-ConnectorUnobfuscatedParsers- 8.1.2.8416.0.zip. To obtain more information, go to softwaresupport.softwaregrp.com

SmartConnectors Support Recently added:

  • Box, added support to the following event types:
    • CHANGE_ADMIN_ROLE
    • ADMIN_LOGIN
    • GROUP_ADD_USER
    • GROUP_REMOVE_USER
    • USER_AUTHENTICATE_OAUTH2_TOKEN_
    • REFRESH
  • Fixed issues and Enhancements:
    • Juniper JUNOS Syslog
    • Microsoft Office 365 Management Activity
    • Unix Syslog Connectors


For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English
ArcSight-8.1.1.8412.0-ConnectorParsers.aup 8.1.1.8412.0
15.2 MB
  |  
Dec 17, 2020
More info Less info
Product compatibility
ESM
Version 7.0 · 7.1 · 7.2 · 7.3 · 7.4
Management Center (ArcMC)
Version 2.7 · 2.8 · 2.9
SmartConnector
Version 8.1
Release notes

8.1.1.8412.0 version information

Note: This file includes the latest parser updates of the SmartConnectors currently supported and the latest unobfuscated cloud map files. The reference file name is ArcSight-ConnectorUnobfuscatedParsers- 8.1.1.8412.0.zip.

To obtain more information, go to softwaresupport.softwaregrp.com

SmartConnectors Support Recently added:

  • Microsoft Windows Event Log Native, added support for ADFS Auditing Events on Windows Server 2016 and 2019.
  • Cisco ASA Syslog, addedsupport to Cisco Firepower version 6.3.
  • Cisco IronPort Email Security Appliance Syslog, added support to some events that were not being parsed correctly.
  • HPE H3C Syslog, added support to some events that were not being parsed correctly.
  • UNIX OS Syslog, added partial support for RHEL 8.2.

Fixed issues and Enhancements:

  • Cisco ASA Syslog
  • Cisco ISE Syslog
  • Cisco NX-OS Syslog
  • HPE Integrated Lights-Out Syslog
  • Microsoft Windows Event Log Native
  • Oracle Audit Syslog
  • Pulse Secure Pulse Connect Secure Syslog
  • Symantec Endpoint Protection Syslog

For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English
ArcSight-8.0.3.8356.0-ConnectorParsers.aup 8.0.3.8356.0
15.1 MB
  |  
Oct 13, 2020
More info Less info
Product compatibility
ESM
Version 7.0 · 7.2 · 7.3
SmartConnector
Version 8.0
Management Center (ArcMC)
Version 2.7 · 2.8 · 2.9
Transformation Hub
Version 3.0 · 3.1 · 3.2 · 3.3
Release notes

8.0.3.8356.0 version information

Note: This Parser releases contains unobfuscated file. This file includes latest parser updates of the Smart Connectors currently supported. To obtain more information, go to softwaresupport.softwaregrp.com.

SmartConnectors Support Recently added:

  • Microsoft Windows Event Log Native, added support for Microsoft Active Directory 2019 events on the Windows Event Log Native SmartConnector (WINC).

Fixed issues and Enhancements:

  • Cisco ISE Syslog
  • Citrix NetScaler Syslog
  • Microsoft Windows Event Log Native
  • Symantec Endpoint Protection Syslog

For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English
ArcSight-8.0.2.8340.0-ConnectorParsers.aup 8.0.2.8340.0
15.1 MB
  |  
Sep 16, 2020
More info Less info
Product compatibility
Management Center (ArcMC)
Version 2.7 · 2.8 · 2.9
Transformation Hub
Version 3.4 · 3.0 · 3.1 · 3.2 · 3.3
ESM
Version 7.0 · 7.2 · 7.3
Release notes

8.0.2.8340.0 version information

Note: This Parser releases contains unobfuscated file. This file includes latest parser updates of the Smart Connectors currently supported. To obtain more information, go to softwaresupport.softwaregrp.com.

SmartConnectors Support Recently added:

  • Microsoft Windows Event Log Native, added support for AppLocker events on Windows Server 2019.
  • Added support to the following event Ids: 102, 103, 105, 224, 225, 300, 301, 302, 330, 335, 455 and 641.
  • Linux Audit File, Linux Audit Syslog, and UNIX Login/Logout File, added support for RHEL 8.1 events.

Fixed issues and Enhancements:

  • Amazon Web Services S3
  • Arbor Networks Peakflow Syslog
  • Cisco NX-OS Syslog
  • IBM Security Access Manager Syslog
  • Juniper Firewall ScreenOS Syslog
  • Linux Audit Syslog
  • Microsoft DNS Trace Log Multiple Server File
  • Microsoft Office 365
  • Pulse Secure Pulse Connect Secure Syslog
  • UNIX OS Syslog
  • VMware ESXi Server Syslog
  • Zeek IDS NG File

For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English
ArcSight-8.0.1.8336.0-ConnectorParsers.aup 8.0.1.8336.0
15.0 MB
  |  
Aug 20, 2020
More info Less info
Product compatibility
SmartConnector
Version 8.0
Transformation Hub
Version 3.4 · 3.3 · 3.0 · 3.1 · 3.2
Release notes

8.0.1.8336.0 version information

Note: From August 2020 and on, Parser releases contains unobfuscated file. This file includes latest parser updates of the Smart Connectors currently supported. To obtain more information, go to softwaresupport.softwaregrp.com.

  • ArcSight-ConnectorUnobfuscatedParsers-8.0.1.8336.0.zip
  • ArcSight-ConnectorUnobfuscatedParsers-8.0.1.8336.0.zip.sig

SmartConnectors Support Recently added:

  • Bro IDS NG File, added support to the following Zeek 3.1.3 modules:-Conn, Dns, files,Http, ssl, weird, and x509.Added mappings for Support for Ja3 and Hash MD5 Hashes.
  • Cisco Secure ACS Syslog, added support for some new events of CSCOacs_ Passed_Authentications version 5.8.
  • McAfee ePolicy Orchestrator DB, added support to MOVE with ePO 5.10.
  • Microsoft Windows Event Log Native, added support for Windows Server 2019 events.

Fixed issues and Enhancements:

  • Amazon Web Services S3
  • Arbor Networks Peakflow Syslog
  • Blue Coat Proxy SG Multiple Server File
  • Bro IDS NG File
  • Cisco IronPort Web Security Appliance File Cisco IronPort Web Security Appliance Syslog
  • Cisco ISE Syslog
  • Cisco NX-OS Syslog
  • Fortinet Fortigate Syslog
  • IBM SiteProtector DB
  • ISC BIND Syslog
  • Juniper JUNOS Syslog
  • Juniper Network and Security Manager Syslog
  • Linux Audit Syslog
  • Oracle Audit Syslog
  • OVAL Vulnerability Scanner
  • Oracle WebLogic Server FileMicrosoft Windows Event Log Native
  • Proofpoint Enterprise Protection and Enterprise Privacy Syslog
  • Pulse Secure Pulse Connect Secure Syslog
  • Symantec Endpoint Protection DB

For complete release information, see the Release Notes available from the Micro Focus Software Community at:https://community.microfocus.com/t5/ArcSight-Connectors/ct-p/ConnectorsDocs

Languages
English

Resources

Unsubscribe from notifications

You are receiving release updates for this item because you have subscribed to the following products:
If you unsubscribe, you will no longer receive any notifications for these products.
Tip: to update your subscription preferences, go to Manage Subscriptions from your Dashboard, uncheck the products you no longer want to receive notifications for, and click 'Save'.

Marketplace Terms of Service

In order to continue, you must accept the updated Marketplace Terms of Service
Since you are downloading an app from the Micro Focus Marketplace, you need to accept the updated Marketplace Terms of Service before you can continue. Use the link to review the Marketplace Terms of Service. Once complete check the, "I accept the Marketplace Terms of Service" box below and click accept to continue your download.


Your download has begun...

Your download has begun

Related content and resources

Your browser is not supported!

Please upgrade to one of the following broswers: Internet Explorer 11 (or greater) or the latest version of Chrome or Firefox

release-rel-2021-4-1-3979 | Wed Apr 7 06:55:03 PDT 2021