ArcSight, Monitor Thyself
Speakers: Ken Mermoud, Software Development Manager, ArcSight; Rashaad Steward, ArcSight Enterprise Specialist, Public Sector, ArcSight
ArcSight components provide a wealth of internal audit events on the status of various ArcSight resources. In this session, we examine what those internal audit events contain and what information an ArcSight administrator can leverage to automatically monitor and restore the health of their ArcSight infrastructure. This session will cover advance techniques that can be applied to many other use cases to enhance automation. Attendees should have an in-depth understanding of active lists and how variables work within rules.