Message Image

Skip main navigation (Press Enter).

Endpoint Protection

View Only

Back to discussions

Expand all | Collapse all

Connecting SEPM DB to ARC Sight for Logging

Jump to Best Answer

Migration UserMay 14, 2012 02:36 PM

We use ARC Sight and have SEPM 11.0 with a SQL DB. My ARC Sight Tech is trying to have Logging flow ...

ℬrίαηMay 14, 2012 03:35 PMBest Answer

You can configure the SEPM to send logs to Arc Sight. Admin tab >> select Local Site >> ...

Migration UserMay 14, 2012 05:01 PM

That did it. We had seen it earlier, but it seemed way to simple. Thanks,

1. Connecting SEPM DB to ARC Sight for Logging

0 Recommend
Migration User
Posted May 14, 2012 02:36 PM

Reply Reply Privately
We use ARC Sight and have SEPM 11.0 with a SQL DB. My ARC Sight Tech is trying to have Logging flow

from the SEPM DB to Arcsight Express application.

Anyone out there have any ideas, there instructions are vague. This is apparently an ODBC connection.

We are stuck. Any help would be much appreciated.

Thanks,
2. RE: Connecting SEPM DB to ARC Sight for Logging
Best Answer

0 Recommend
ℬrίαη
Posted May 14, 2012 03:35 PM

Reply Reply Privately
You can configure the SEPM to send logs to Arc Sight.

Admin tab >> select Local Site >> Configure External Logging

Edit the General tab with all the appropriate information

Edit the Log Filter tab with all the appropriate information

Click OK
3. RE: Connecting SEPM DB to ARC Sight for Logging

0 Recommend
Migration User
Posted May 14, 2012 05:01 PM

Reply Reply Privately
That did it. We had seen it earlier, but it seemed way to simple.

Thanks,

Copyright 2019. All rights reserved.

Powered by Higher Logic