This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Bluecoat Solera Integration with RSA Log Solution

MohdSaadKhan
Frequent Contributor
Frequent Contributor

‎2017-12-20 08:15 AM

Hi All,

 

Can anyone suggest the method for integrating bluecoat Solera solution with RSA netwitness Log solution.

0 Likes
2 REPLIES 2

SravanKoneti1
Beginner
Beginner

‎2017-12-21 11:56 PM

Hi Mohd Saad,

 

I believe, Solera is now Symantec Security Analytics. you may need to configure syslog settings to send logs to Netwitness. If it falls under parsing issue, Please share sample logs to RSA support.

 

https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/10000/DOC10415/en_US/SA_7.2.3_a…  

0 Likes

MohdSaadKhan
Frequent Contributor
Frequent Contributor

‎2017-12-26 01:45 AM

Hi

 

Yes now it is Blue Coat Security Analytics. And I don't want syslog or log from the Blue coat device for monitoring but want to integrate with Blue Coat through API using context menu action or any other app so that I can put my search of RSA investigation into blue coat.

 

Secondly I have created for single meta search through context menu action. But customer want queries search (source IP >destination IP > port) @ Blue coat . For example  you can see for Qradar and Blue Coat integration : Blue Coat Security Analytics Integration With IBM QRadar - YouTube 

 

Similarly want to create for RSA.

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.