About the ArcSight integration
Overview
The EclecticIQ Platform is a Threat Intelligence Platform that provides threat analysts, incident analysts, security analysts, fraud analysts and risk analysts with a comprehensive workspace for cyber threat management, analysis and collaboration.
It gives analysts a single view of relevant intelligence from open sources, ISACs, commercial services and government entities.
The EclecticIQ Platform performs automatic normalization, consolidation, enrichment and integration, so that analysts can focus on discovery and analysis.
Comprehensive workflows allow analysts to propagate defensive measures to the Security Devices, such as SIEM’s.
CEF connector Configuration Guide
This document is provided for informational purposes only, and the information herein is subject to change without notice.
Please report any errors herein to Micro Focus. Micro Focus does not provide any warranties covering this information and specifically disclaims any liability in connection with this document.
Certified CEF
The event format complies with the requirements of the Micro Focus ArcSight Common Event Format.
The Micro Focus ArcSight CEF connector will be able to process the events correctly and the events will be available for use within Micro Focus ArcSight product.
In addition, the event content has been deemed to be in accordance with standard SmartConnector requirements.
Revision history
Date |
Description |
26 Oct 2016 |
First edition of this Configuration Guide |
04 Nov 2016 |
Revised by Perceptive Security |
22 Nov 2016 |
Second revision by Perceptive Security |
30 Nov 2019 |
Revised by EclecticIQ |
21 Jul 2020 |
Revised by EclecticIQ |
CEF Connector Support Information when an issue is outside of the ArcSight team’s ability
In some cases the ArcSight customer service team is unable to help with issues that lie within the configuration itself in which case, the certified vendor should be contacted for assistance:
EclecticIQ Customer Support
Phone: +31 (0)20 737 1063
Email: [email protected]
Any support question can be directed preferably via email first to the above address.