In the last part of this post we discussed the methods of extracting logs from OpenVMS systems for processing by ArcSight SmartConnectors.

This installment will focus on transferring these logs to a machine (in our example a Unix-type system like Linux or Solaris) that runs the SmartConnector and processes the delivered log files.

ArcSight supports a wide variety of “legacy” products out of the box, such as large parts of IBM, z/OS and others. ArcSight’s support of these older platforms is lacking in certain areas and may require a fair amount of extra work in order to be integrated properly. I recently discovered this when installing a connector for my favorite “legacy” platform, VMS. This article will focus on how to properly integrate ArcSight with HP’s OpenVMS (don’t tell anyone I called VMS a “legacy” product around comp.os.vms or HECnet though).

As IT infrastructure demands grow, so does the increasing need to monitor and control the IT environment. Information security professionals are dealing with increasingly high rates of security-significant events within the SIEM infrastructures, which presents advanced challenges to both engineers and architects.