- Collect event data
- Normalize event data
- Apply event categories
- Look up Customer and Zone in Network Model
- Aggregate and Filter events
A data source on a network node generates event data, which is collected by an ArcSight agent. The agent normalizes the data into the ArcSight schema, then tags it with event categories and looks up zone and customer attributes from the ArcSight network model. Finally, if so configured, the agent filters and aggregates events to reduce the event stream..
The first phase of the ArcSight process is done by the agent. The agent is usually configured with aggregation and filter criteria, which perform the first level of narrowing the event stream. The agent also applies event categories, which represent the first layer of evaluation criteria applied by ArcSight. The agent performs the following functions, which are described in detail in the pages that follow.
Data Science training
ReplyDeletelinux training
mulesoft training
web methods training
business analyst online training
oracle adf online training
oracle rac online training
msbi online training