Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1641
Views
0
Helpful
2
Replies

cisco umbrella and arcsight

safwat.ghazy
Level 1
Level 1

‎09-30-2018 10:48 AM

hello,

is Cisco umbrella able to integrate with ArcSight for investigation?

 

I know that Cisco umbrella can intergrade with Splunk but what about ArcSight?

 

 

thanks

 

Labels:
0 Helpful
2 Replies 2

Abheesh Kumar
VIP Alumni
VIP Alumni

‎11-11-2018 03:36 AM

Hi,

Below doc explains the log management in Amazon S3/Splunk/Q-Radar. Couldn't find any doc for Arcsight. You can check with local cisco account manager for cisco umbrella support Arcsight.

https://support.umbrella.com/hc/en-us/articles/231248448-Cisco-Umbrella-Log-Management-in-Amazon-S3

 

HTH

Abheesh

0 Helpful

babiojd01
Level 1
Level 1

‎11-24-2018 06:30 AM

You need to convert the json output into cef or something readable by arcsight. I did some reading in their forums and it looks like it can parse json with a little work on your part.

0 Helpful
Customers Also Viewed These Support Documents