ArcSight recently presented their new version of the Logger. Some of the new features are:

  • Distributed reports over multiple Loggers
  • User configurable dashboards
  • Event summary (overview)
  • Live event viewer
  • LDAP and AD directory integration
  • dedup and transaction search commands
  • SNMP polling support

I’ve been waiting for some of these features for a long time (except in the reporting area, previous versions were lacking some features that I would consider basic).
One bad point however: when I installed this new release, all my previously stored data disappeared (Update: it was the case on the software version, but the upgrade on appliance version worked without any problem).

ArcSight Logger 5.2

ArcSight Logger 5.2 GUI

It looks more like Splunk, it smells more like Splunk, but it still does not have Splunk taste!

December 20, 2011, 3:01 am
