DI logs to Arcsight

My client is asking about the ease of setting up a feed from DI to Arcsight. Does anyone know if this is feasable? If so, how easy would it be to set up, and what are the steps?



1 Reply

Re: DI logs to Arcsight


DI does not have not have a precanned port into Archsight specifically.  DI provides customizable reports that can be output to CSV on a scheduled basis, the output could then be imported into another application for analysis.  DI also provides a Dynamic Query Language that can be used to create custom reports, or ran through a Web API.  Details on these are available in the DI SDK guide.