User Manual Part 5
Administration Tab
SpectraGuard® Enterprise User Guide
247
ArcSight Configuration Dialog
ArcSight Configuration dialog contains the following fields:
ArcSight Server (IP Address/Hostname): Specifies the IP Address or the hostname of the destination ArcSight
server to which the CEF formatted messages are sent.
Note: Configured ArcSight servers will use the DNS names and DNS suffixes configured by the user in the Server
Initialization and Setup Wizard on the Config Shell.
Port Number: Specifies the port number of the ArcSight server to which the system should send CEF messages.
Enabled?: If the checkbox is selected, the system sends CEF messages to the configured and enabled ArcSight
servers. The delivery of the CEF messages cannot be guaranteed due to use of UDP/unreliable transport.
(Default: Enabled)
Click Add to add the details for a new ArcSight server.
Editing an ArcSight Server
Double-click a row or click Edit to open ArcSight Configuration dialog similar to the one shown above. Click Save to
save all settings.
Deleting an ArcSight Server
Select a row and click Delete to discard the configuration of the selected ArcSight server. You can delete multiple
ArcSight server details using click-and-drag or using the <Shift> + <Down Arrow> keys and then clicking Delete.
Note: Total gives the total number of ArcSight servers configured to receive events from the system.
SNMP
The SNMP dialog enables the system to send events as SNMP traps to designated SNMP trap receivers. It also allows
SNMP managers to query server operating parameters using IF-MIB, MIB-II, and Host Resources MIB.