Marius Iversen

Long term plan for Log Exporter SIEM integration

Discussion created by Marius Iversen on Jun 12, 2018
Latest reply on Jun 12, 2018 by Marius Iversen

So with Log Exporter now supporting formats for Splunk, ArcSight and so on, i just wondered if these formats have any formal agreement with vendors that these will be kept up to date.

 

Taking ArcSight(MicroFocus) as an example, there is several patterns seen with other vendor integration that they kind of get "lost over time". Checkpoints long term roadmap might offer new blades, or changes to their log format, and the Log Exporter might not always be kept up to date.

 

I am not looking for any official confirmation that i can quote on, it's just out of curiosity and it is good to keep in the back off my head, as our ArcSight integration with CP will grow larger and larger over time.

 

Do you feel that it is up to the vendor then to keep this up to date, or the SIEM vendor itself?

Outcomes