Release Notes ArcSight SmartConnector

Similar documents
HPE Security ArcSight Connectors

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors

HP ArcSight Port and Protocol Information

HPE Security ArcSight. ArcSight Data Platform Support Matrix

HPE Security ArcSight Connectors

HPE Security ArcSight Connectors

Micro Focus Security ArcSight Connectors. SmartConnector for McAfee Gateway Syslog. Configuration Guide

HP ALM Client MSI Generator

HPE Security ArcSight Connectors

HPE Security ArcSight User Behavior Analytics

HPE Security ArcSight Connectors

HP Device Manager 4.7

HP 3PAR OS MU1 Patch 11

HPE Security ArcSight SmartConnectors. Format Preserving Encryption Environment Setup Guide

HP AutoPass License Server

Micro Focus Security ArcSight Connectors. SmartConnector for Snort Syslog. Configuration Guide

HP Software product hierarchy updates

Configuration Guide. SmartConnector for Apache Tomcat File. February 14, 2014

HPE ALM Client MSI Generator

HP Intelligent Management Center Remote Site Management User Guide

HPE Operations Bridge Reporter

HP Data Center Automation Appliance

HPE Security ArcSight Connectors

HP 3PAR OS MU3 Patch 18 Release Notes

means an integration element to a certain software, format or function through use of the HP software product.

Micro Focus Security ArcSight Connectors. SmartConnector for Microsoft IIS Multiple Site File. Configuration Guide

Micro Focus Security ArcSight Connectors. SmartConnector for McAfee Network Security Manager Syslog. Configuration Guide

QuickSpecs. HP IMC Branch Intelligent Management Software. Models HP IMC Branch Intelligent Management System Software Module w/50-node E-LTU

Standardize Microsoft SQL Server Cluster Provisioning Using HP DMA

HPE Security ArcSight Connectors

External Devices. User Guide

HP Fortify Scanning Plugin for Xcode

ALM. What's New. Software Version: Go to HELP CENTER ONLINE

External Devices User Guide

HPE Moonshot ilo Chassis Management Firmware 1.52 Release Notes

HP Operations Orchestration

HP Operations Orchestration Software

HPE Intelligent Management Center

IDE Connector Customizer Readme

HP UFT Connection Agent

Intelligent Provisioning 1.64(B) Release Notes

HP Virtual Connect Enterprise Manager

Intelligent Provisioning 1.70 Release Notes

HPE Security ArcSight Connectors

External Devices User Guide

Micro Focus Security ArcSight Connectors

Achieve Patch Currency for Microsoft SQL Server Clustered Environments Using HP DMA

HP Insight Remote Support Advanced HP StorageWorks P4000 Storage System

SecureVue. Version Supported Technologies List Updated: July 2015

HP E-PCM Plus Network Management Software Series Overview

QuickSpecs HP ProCurve Manager Plus 3.1

HP Enterprise Collaboration

External Devices User Guide

Centrify for ArcSight Integration Guide

External Media Cards User Guide

HPE 3PAR OS MU3 Patch 24 Release Notes

Universal CMDB. Software Version: Content Pack (CP20) Discovery and Integrations Content Guide - Discovery Activities

QuickSpecs. Aruba ClearPass OnGuard Software. Overview. Product overview. Key Features

HP Database and Middleware Automation

HP Automation Insight

HP ProCurve Manager Plus 3.0

HP D6000 Disk Enclosure Direct Connect Cabling Guide

For the Windows, Oracle Enterprise Linux, Red Hat Enterprise Linux, and SUSE Linux Enterprise operating systems Software Version: 10.01, CP 12.

HP ilo 3 Release Notes

HP Network Node Manager ispi Performance for Quality Assurance Software

2016 SIEM Content and Parsing Updates

HP Operations Orchestration

HPE Security ArcSight Connectors

Release Notes. Operations Smart Plug-in for Virtualization Infrastructure

HP Business Service Management

Additional License Authorizations

HP Device Manager 4.6

HP Operations Orchestration Software

Additional License Authorizations

HPE Knowledge Article

HPE Storage Optimizer Software Version: 5.4. Support Matrix

HP Business Availability Center

QuickSpecs. What's New The addition of VMware ESX Server and VMware Virtual Infrastructure Node (VIN)

HP Integration with Incorta: Connection Guide. HP Vertica Analytic Database

QuickSpecs. HP StorageWorks Command View SDM. Models. Models Feature List

HPE 3PAR Online Import Utility 1.5.0

Standard Content Guide

HPE 3PAR OS MU5 Patch 49 Release Notes

HP Service Test Management

HPE Automatic Number Plate Recognition Software Version: Automatic Number Plate Recognition Release Notes

HP 3PAR Host Explorer MU1 Software User Guide

HPE 3PAR OS MU2 Patch 36 Release Notes

HP Operations Orchestration

HP Operations Orchestration

Skybox. Reference Guide Revision: 11

HPE 3PAR OS GA Patch 12

HP Universal CMDB. Software Version: Content Pack (CP18) Discovery and Integrations Content Guide - Discovery Activities

HP Real User Monitor. Software Version: Real User Monitor Sizing Guide

HP BladeSystem Matrix Compatibility Chart

HP 3PAR OS MU3 Patch 17

Micro Focus Security ArcSight Connectors. SmartConnector for Cisco Secure ACS Syslog. Configuration Guide

RSA NetWitness Platform

Transcription:

Release Notes ArcSight SmartConnector 7.0.4.7088 June 30, 2014

Release Notes ArcSight SmartConnector 7.0.4.7088 June 30, 2014 Copyright 2014 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP required for possession, use or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Follow this link to see a complete statement of ArcSight's copyrights, trademarks and acknowledgements: http://www.hpenterprisesecurity.com/copyright. This document is confidential. SmartConnector Release 7.0.4.7088 Release Notes Page ii

Contents SmartConnector Release 7.0.4.7088... 1 To Apply This Release... 1 New Connectors... 1 New Device, Component, or OS Version Support... 1 SmartConnector Enhancements... 2 Fixed Issues... 2 Connector End-of-Life Notices... 2 SmartConnectors Support Ending... 2 SmartConnectors No Longer Supported... 3 SmartConnector Device Versions No Longer Supported... 4 New and Updated SmartConnector Documentation... 4 SmartConnector Release 7.0.4.7088 Release Notes Page iii

SmartConnector Release 7.0.4.7088 These notes describe how to apply this latest release of ArcSight's SmartConnectors, as well as providing other information about recent changes and open and closed issues. To Apply This Release Download the appropriate executable for your platform from the Support Web site (http://support.openview.hp.com), as well as the separate downloadable zip file of SmartConnector Configuration Guides (which should be unzipped in a folder you create for the documentation). Both 32-bit and 64-bit executables are available for download. The 64-bit installation executables contain a subset of available SmartConnectors. See your platform's 64-bit SmartConnector installer for the list of available connectors, or see the document "SmartConnectors Available for 64-Bit Platforms" listed on the SmartConnector Documentation page on Protect 724 (https://protect724.hp.com/community/arcsight/productdocs/connectors) or in the SmartConnector Configuration Guide zip file available for download from the Support Web Site. For a successful SmartConnector installation, follow the installation procedures documented in the individual SmartConnector Configuration Guides. The most current configuration guides are available with each SmartConnector release in a separate downloadable file from the Support Web site (http://support.openview.hp.com) rather than as part of the SmartConnector installation process. Create a folder for the documentation (such as c:\arcsight\docs) and unzip the file there. Then double-click index.html to access the individual configuration guides. New Connectors SmartConnector for Device Version Supported Cisco Wireless LAN Controller SNMP Cisco Airespace (MIB 4.0) HP Printers Syslog RSA Identity Management Service SNMP 8.0 New Device, Component, or OS Version Support SmartConnector for ArcSight FlexConnector SNMP 3.0 Aruba Mobility Controller Syslog 7210, 7270 IBM WebSphere File 8.5 Multiple HP printers (See configuration guide for details.) Kaspersky DB Security Center 10.0 Microsoft SQL Server Multiple Instance Audit DB SQL Server 2014 New Device, Component, or OS Version Proofpoint Enterprise Protection and Enterprise Privacy Syslog 7.2 Sourcefire Defense Center estreamer 5.3 VMware ESX/ESXi Syslog 5.5 VMware Web Services 5.5 SmartConnector Release 7.0.4.7088 Release Notes Page 1

SmartConnector Enhancements Confidential In each SmartConnector release, updates and enhancements are made to the field mappings for individual SmartConnectors. If you use any of the SmartConnectors listed in the "Fixed Issues" section of these release notes, be aware that installing the updated SmartConnector can impact your created content. HP advises you to verify the content you created before deploying the SmartConnector into your production environment. All ArcSight FlexConnectors Enhanced map files to set a field based on an expression similar to one found in a parser, using other fields in the event as possible inputs. [CON-14158] All Syslog File SmartConnectors Syslog File connectors supported on Windows platform. [CON-12199] IBM SiteProtector DB Siteprotector to use AlertName for Device Event Class ID 500K. [CON-14018] NOTE: DECID has changed from XFID to AlertName. McAfee Web Gateway File Added support for AccessDenied and FoundViruses log types [CON-14094] Microsoft Forefront Threat Management Gateway File A new internal property, isalogfiletimezoneid, was added to specify the log file rotation time zone. Users only need to specify the value for this property when the log file rotation time zone is different from the connector host time zone. The possible values are valid time zone IDs, for example, GMT, PST, EST, etc. [CON-14107] Microsoft Windows Event Log Unified Mapped Failure Information:Status to an ArcSight field [CON-13871] Snort Multiple File Added support for payload retrieval. [CON-13505] Fixed Issues SmartConnector for Number Description All SmartConnectors CON-14170 Previously, if the Enable Batching (per event) parameter was configured to a value of 600, it would cause a large number of lost events when the destination was ESM, unless the http.transport.queuesize property in the agent.properties file was adjusted to a higher value. Now that condition is detected to avoid event loss. For best performance, the Enable Batching (per event) value should not be set to values higher than 300 for ESM destinations unless the http.transport.queuesize property has been set to a significantly higher value. Increasing the connector s memory may also be necessary for larger batch sizes. Check Point OPSEC NG CON-13471 Error corrected in parser for event.devicecustomdate2. Citrix NetScaler Syslog CON-14064 Connector was not parsing some v 9.2 events completely. This issue has been fixed. Connector End-of-Life Notices SmartConnectors Support Ending Ending 12/31/2014 Red Hat Enterprise Linux (RHEL) 6.1 64-bit platform Red Hat Enterprise Linux (RHEL) 6.2 64-bit platform Red Hat Enterprise Linux (RHEL) 5.7 32-bit and 64-bit platforms SmartConnector Release 7.0.4.7088 Release Notes Page 2

Ending 09/30/2014 All SmartConnectors Event collection from Microsoft Windows XP platforms Event collection from Microsoft Windows 2000 platforms Platform support for Microsoft Windows XP platforms SmartConnectors No Longer Supported Ended 06/30/2014 CA SiteMinder File (Legacy) Lancope StealthWatch Syslog (Legacy) - Use the SmartConnector for Lancope StealthWatch Management Console Web Services. Microsoft Exchange Message Tracking Log File (Legacy) - Use the SmartConnector for Microsoft Exchange Message Tracking Log Multiple Server File. Microsoft SQL Server Audit DB (Legacy) - Use the SmartConnector for Microsoft SQL Server Audit Multiple Instance DB. Oracle SYSDBA Audit File (Legacy) - Use the SmartConnector for Oracle SYSDBA Audit Multiple Folder. SAP Real-Time Security Audit File (Legacy) - Use the SmartConnector for SAP Real-Time Security Audit Multiple Folder File. Secure Computing Webwasher CSM File (Legacy) - Use the SmartConnector for McAfee Web Gateway File. Ending 09/30/2014 Note: The following connectors will be end-of-life because they are no longer supported by the vendors. Alcatel Syslog Cisco Aironet Syslog Cisco Security Agent File CyberGuard Firewall Syslog Intrusion Computer Misuse Detection System Intrusion SecureNet Provider DB Intrusion SecureNet Provider SNMP ipolicy Intrusion Prevention Firewall Syslog Lucent Brick Managed Services File McAfee Entercept McAfee Entercept DB Nagios Syslog Network Appliance NetCache File Newbury WiFi Watchdog Syslog Oblix NetPoint File RSA ClearTrust File SANA Primary Response SNMP Securify SecurVantage SNMP Symantec Enterprise Firewall File Symantec Enterprise Firewall SNMP Symantec Gateway Security/Enterprise Firewall File Symantec Gateway Security/Enterprise Firewall NG File Symantec Intruder Alert File Symantec Intruder Alert SNMP Symantec ManHunt DB Symantec ManHunt Syslog Symantec NetRecon NRD File Symantec Network Security Syslog Symantec SESA DB Trend Micro Asset Scanner DB Tripwire File Reader for NT/2000 Visionael ESP DB (Visionael Security Audit DB) SmartConnector Release 7.0.4.7088 Release Notes Page 3

SmartConnector Device Versions No Longer Supported Ended 11/15/2013 Sourcefire Defense Center estreamer (older versions) - Support has ended for Sourcefire versions 3.0, 4.0, 4.0.2, 4.1, 4.5, 4.5.1, 4.6, 4.6.1, 4.7, 4.8, 4.8.1, and 4.8.2. New and Updated SmartConnector Documentation The following SmartConnector documentation has been added or updated for this release. Arbor Networks Peakflow Syslog Updated supported versions. ArcSight FlexConnector Developer s Guide Added GA support for SNMP v3, Appendix E: XML FlexConnector Development Example, and properties to the Folder Follower FlexConnector Properties section. See guide for details. Aruba Mobility Controller Syslog Added support for Aruba Mobility Controllers 7210 and 7270 (OS version 6.3) Barracuda Web Appliance Firewall Syslog Updated vendor and connector name (formerly NetContinuum Web Firewall Syslog). Blue Coat Proxy SG Multiple Server File Corrected the process for changing the 'processingthread' and 'monitorinterval' parameters for a folder. Brocade BigIron Syslog Updated vendor name from Foundry. Cisco Wireless LAN Controller SNMP Added GA support for Cisco Airespace (MIB 4.0). HP Printers Syslog First edition of this configuration guide. IBM SiteProtector DB Updated mappings for Device Event Class ID and Device Action: added Source NT Domain mapping. IBM WebSphere File Added support for WebSphere 8.5. Kaspersky DB Added support for Kaspersky Security Center 10.0. McAfee epolicy Orchestrator DB Updated parameter screens. McAfee Web Gateway File Added support for 'AccessDenied' and 'FoundVirus' log types for v7.4. Microsoft SQL Server Multiple Instance Audit DB Added support for SQL Server 2014. Proofpoint Enterprise Protection and Enterprise Privacy Syslog Added support for Messaging Security Gateway 7.2. RSA Identity Management Service SNMP Added GA support for RSA Identity Management Service 8.0 and SNMP 3.0. SmartConnector Product and Platform Support Added RHEL 5.7 64-bit platform to End of Life notices. SmartConnectors with 64-Bit Support Document listing SmartConnectors with 64-bit support. SmartConnector Release 7.0.4.7088 Release Notes Page 4

Snort Multiple File Payload support is now available for this connector. Sourcefire Defense Center estreamer Added support for version 5.3. Symantec Endpoint Protection DB Added minimal privileges procedure. VMware ESX/ESXi Syslog Added device support for ESX/ESXi Server v5.5. VMware Web Services Added support for ESX/ESXi Server v5.5. SmartConnector Release 7.0.4.7088 Release Notes Page 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback