This article will detail how to set up your OpenText ArcSight with your Sharetru site.
Note: Do not toggle the Enable to "on" until you have filled out the form illustrated below and competed a test of the connection.
Use the SIEM "Select Service..." dropdown and select OpenText ArcSight.
The only format available for OpenText ArcSight is CEF.
.png?width=688&height=98&name=image-20240715-225127(2).png)
To view an example of the SIEM test message click the link button
After configuring your format you will need to select the Protocol, Hostname or IP address, and Port.
You may choose from TLS, TCP or UDP.
We recommend TLS for security or TCP if TLS is not available for your SIEM instance.
If TLS is selected you will have the option to utilize a signed certificate.
Alternatively, if you are using a self-signed certificate you should toggle this off.
After the form is completed click "Save".
Now, you will need to test the connection. Click the "Test Connection" button.
If the connection is successful you will receive a message verifying that result.
*You should verify that the message was received by your OpenText instance. *
However, if the connection is not successful you will receive a message regarding the failure.
Upon completing the test you may toggle the "Enable" switch on and then click "Save".
This will finalize the SIEM integration set up.
