security_wiki:hpe_arcsight

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

security_wiki:hpe_arcsight [2019/05/25 23:50] (current)
Line 1: Line 1:
 +====== HPE ArcSight ======
  
 +From the introduction of the CORR backend, the important logs have changed. These are the one's I've seen HPE ArcSight Tech Support call for. These are the one's I've been using to troubleshoot almost everything that wasn't able to be worked within the console or system/resource monitor webpages.
 +
 +**Manager**
 +<code>
 +/opt/arcsight/manager/logs/default/*.log
 +</code>
 +Most important files:
 +  - server.std.log
 +  - server.log
 +
 +**CORR-E**
 +<code>
 +/opt/arcsight/logger/current/arcsight/logger/logs/*.log
 +/opt/arcsight/logger/data/mysql/*.log
 +/opt/arcsight/logger/data/pgsql/serverlog*
 +</code>
  • security_wiki/hpe_arcsight.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)