ArcSight Logger是MicroFocus SIEM平台产品之一,提供实时数据流与特定日志分类,易于与安全操作集成。适用于各种规模组织,助力快速IT运营法医分析、应用开发及网络安全问题,同时应对多项法规遵从。具备分析、搜索、实时事件查看、仪表板、报告和配置等功能。
Last updated on August 9, 2019
ArcSight Logger is one of products from Micro Focus SIEM platform. It streams real-time data and categorizes them into specific logs and easily integrates with Security Operations. As a result, organizations of any size can use this high performance log data repository to aid in faster forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously address multiple regulations.
Summary
Analyzer
Search
Live Event Viewer
Dashboard
Reports
Configuration
Search Example:
sourceAddress=10.1.1.2 and name startswith “TCP” and name contains “DEN” | fields requestUrl
References:
扫一扫
449
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
