cancel
Showing results for 
Search instead for 
Did you mean: 

How to create syslog for ArcSight format

How to create syslog for ArcSight format

Helpme
New Contributor
My company use ArcSight log server, but it can't not recognize XOS log format. Did anyone know how to create XOS log for Arcsight format.....
2 REPLIES 2

Ron_Huygens
Community Manager Community Manager
Community Manager
It all depends on the format that is expected by the ArcSight log server.
In EXOS you create separate log filters and modify the output for different purposes.

More on the Event Management System/Logging can be found in the documentation:
http://documentation.extremenetworks.com/exos/EXOS_21_1/Status_Monitoring/c_using-the-event-manageme...

Do you have an example of the format that ArcSight expect to receive?

Bill_Stritzinge
Extreme Employee
I am not sure about ArcSight but most SIEM programs have programs will have modules that will "equalize" to the database many syslog formats per device manufacturer. Our SIEM product has what are called DSM modules that take many different syslog formats from hundreds of vendors so that the data presented is equal in the database. Out SIEM has a DSM module specific for XOS and EOS boxes, please check with HP on what is available in your circumstance. I tried checking the HP Enterprise site but was unable to search their support database.
GTM-P2G8KFN