Integration with Arcsight

Question

diveshshah opened this issue 8 years ago · comments

Hi,

Can please share link or document how we can integrate Arcsight SIEM with CIF server.

Thanks
Divesh Shah

wes · Answer 1 · Fri Aug 12 2016 19:49:37 GMT+0800 (China Standard Time)

here are some older examples from CIFv1, probably very similar with CIFv2:

diveshshah · Answer 2 · Fri Aug 12 2016 19:52:46 GMT+0800 (China Standard Time)

Hi,

Thanks for providing links.
We will check and update if any issue comes.

Divesh Shah

From: "Wes" notifications@github.com
To: "csirtgadgets" massive-octo-spice@noreply.github.com
Cc: "diveshshah" divesh.shah@sequretek.com, "Author" author@noreply.github.com
Sent: Friday, August 12, 2016 5:19:39 PM
Subject: Re: [csirtgadgets/massive-octo-spice] Integration with Arcsight (#440)

here are some older examples from CIFv1, probably very similar with CIFv2:

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub , or mute the thread .

devangraval007 · Answer 3 · Mon Jan 15 2018 13:51:03 GMT+0800 (China Standard Time)

Hello,

Can you please guide me, how we can get CIF api key & CIF api URL?
and can you please tell me default CIF user password?

Thanks,
Devang Raval.

wes · Answer 4 · Tue Jan 16 2018 20:30:59 GMT+0800 (China Standard Time)

@devangraval007 if you're just starting out- you should be using CIFv3:

the cif-tokens command will show you what you're looking for and the url will be https://localhost:5000/help to show you the REST routes.