Manualshelf

User`s guide

ManualsBrandsVMware ManualsOtherVCLOUD REQUEST MANAGER 1.0.0
12345678910
Technical white paper
6
Typical deployment scenarios
Security and log event information is captured at the host and application level. Events can be sent directly to an HP ArcSight
Logger or HP ArcSight ESM. HP ArcSight Connectors can be used to normalize the log data into the Common Event Format
(CEF). The Common Event Format presents log data from various vendors to the HP ArcSight ESM and HP ArcSight Logger in
a standardized format for searching and correlation.
Log information can be sent to the HP ArcSight Logger for aggregation; once the data is collected on the HP ArcSight
Logger, filters can be applied to forward specific event information to the ArcSight ESM for further analysis, investigation,
and action.
Our reference implementation is comprised of the following servers that are illustrated in Figures 2 4:
OO.fog.cloud.internal Operation Orchestration and Cloud Service Automation
Ora.fog.cloud.internal Oracle Database Server for UCMDB
Fog.fog.cloud.internal Matrix Operating Environment Central Management Server
Sis.fog.cloud.internal SiteScope
UCM.fog.cloud.internal UCMDB server
vCenter.fog.cloud.internal VMware vCenter
sa.fog.cloud.internal Server Automation
tpsms.fog.cloud.internal TippingPoint Security Management System
esxi1.fog.cloud.internal ESXi Host
esxi2.fog.cloud.internal ESXi Host
Sending events in RAW and CEF format to HP ArcSight Logger
In this example the log information is sent directly to the HP ArcSight Logger. Some network devices and systems that have
not been configured to convert log data into the standard CEF format will send log data in a raw format. Information
collected by the CloudSystem Enterprise applications, CSA, HP Matrix infrastructure orchestration (HPIO), Operations
Orchestration, SiteScope, and UCMDB are sent to the HP ArcSight Logger in the CEF format. Log events are sent to a
preconfigured receiver on the HP ArcSight Logger, the receivers are described later in this section.
Figure 2. Log Events sent to the HP ArcSight Logger