Home > IT Answers > DataManagement > Arcsight Question
Arcsec09
5 pts.
0
Q:
Arcsight Question
Data analysis, ArcSight, Snort
Does anyone have any experience with configuring ArcSight and Snort so that ArcSight can pull the payload information from the Snort sensor?
ASKED: Dec 23 2008  4:17 PM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
0
Blackhat
15 pts.
0
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • AddThis Social Bookmark Button
Hello!

I had worked in the past on ArcSight Installation/Configuration/Management,

and Yes, you can configure the Manager to Pull the logs from the Snort,

you will need to have physical access and password and snort.conf details as well ,

also, you need to configure the SmartAgents, and select the "Snort Database"

and finally you will need the MySQL DB password and username from the snort.conf handy in order to get it running.

u can refer to the technical documentation.

if u need any help please email me at:-

nitin.blackhat[at]gmail.com
Last Answered: Jan 22 2009  11:02 PM GMT by Blackhat   15 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



0