0
10.4.1
Yokohama, Xanadu, Washington DC, Vancouver Patch 4, Vancouver
ArcSight Logger Integration for Security Operations aids in the investigation of a security incident by querying logs in your ArcSight Logger deployment for potentially malicious indicators.
ArcSight Logger Integration for Security Operations is now available only on the ServiceNow® Store.
The integration includes the ability to use ArcSight Logger to run a Sighting Search on observables to determine prevalence of a threat over time or test remediation and eradication efforts. The search can specify one or more observables and a date range for the search.
Changed:
- Migrated Workflows to Flow Designer flows.
This plugin requires Security Incident Response.
Before you can use the ArcSight Logger Integration for Security Operations, you must configure the API URL and login credentials.