To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

PMS integration with ArcSight ESM (SIEM)

RichieB
RichieB Posts: 1 Security Scout
in Business Suite

We are running PMS10.20 on Windows 2008R2 and are deploying ArcSight ESM for central log management and correlation. How can I best send the logging from PMS to ArcSight? Syslog, SNMP or text file based would be easiest.

 

I have found C:\Program Files (x86)\F-Secure\Management Server 5\data\h2db\fspms.h2.db which ArcSight should be able to collect the logs from. Has anyone tried this yet?

Comments

  • etomcat
    etomcat Posts: 1,172 Firewall Master

    Hello,

     

    I think you should NOT use the F-Secure central management itself, rather:

     

    In F-Secure Policy Manager centralized control, you can configure the clients (F-Secure Management Agent component) to also log directly into SNMP and / or syslog.

     

    Best Regards: Tamas Feher, 2F 2000 Kft., Hungary.

This discussion has been closed.

Categories