ProxySG & Advanced Secure Gateway

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Integrating Symantec Secure Web Gateway 5.2.7 with ArcSight SIEM

  • 1.  Integrating Symantec Secure Web Gateway 5.2.7 with ArcSight SIEM

    Posted Jan 25, 2018 08:58 AM

    Dear team,

     

    I am looking for a solution to integrate Secure Web Gateway 5.2.7 with SIEM ArcSight 6.11.

    With ArcSight, we can receive the event sending through Syslog mechanism. And as I understand, Secure Web Gateway supports to send log over syslog mechanism as well.

    Please help to correct if I am wrong.

     

    However, ArcSight does not support to translate Secure Web Gateway to CEF version. Due to that reason, we will need to develop the parser file by ourshelves.

    Is there anyone integrate Secure Web Gateway 5.2.7 to ArcSight using syslog mechanism successfully? Can you please give me some advice on this? Can you please give me an example of syslog log format sending from Secure Web Gateway?

    Really appreciate for your help and your time.

     

    Regards,

    Anh



  • 2.  RE: Integrating Symantec Secure Web Gateway 5.2.7 with ArcSight SIEM
    Best Answer

    Posted Jan 26, 2018 06:45 AM

    Dear Anh Hoang Duc

      you can do following reference >>> https://support.symantec.com/en_US/article.TECH242216.html



  • 3.  RE: Integrating Symantec Secure Web Gateway 5.2.7 with ArcSight SIEM

    Posted Feb 07, 2018 09:40 AM

    Thanks Chakuttha for your suggestion.