Long term plan for Log Exporter SIEM integration

Mastering Compliance
Unveiling the power of Compliance Blade

WATCH NOW

SASE Masters:
Deploying Harmony SASE for a 6,000-Strong Workforce
in a Single Weekend

May the 4th (+4)
Navigating Paradigm Shifts in Cyber

CPX 2024 Content
is Here!

Get What You Need

Harmony SaaS
The most advanced prevention
for SaaS-based threats

LEARN MORE

CheckMates Go:
CPX 2024 Recap

LISTEN NOW

Create a Post

So with Log Exporter now supporting formats for Splunk, ArcSight and so on, i just wondered if these formats have any formal agreement with vendors that these will be kept up to date.

Taking ArcSight(MicroFocus) as an example, there is several patterns seen with other vendor integration that they kind of get "lost over time". Checkpoints long term roadmap might offer new blades, or changes to their log format, and the Log Exporter might not always be kept up to date.

I am not looking for any official confirmation that i can quote on, it's just out of curiosity and it is good to keep in the back off my head, as our ArcSight integration with CP will grow larger and larger over time.

Do you feel that it is up to the vendor then to keep this up to date, or the SIEM vendor itself?