  • HP Protect spotlights debate on privacy vs. security

    General Keith Alexander (Ret.), former director of the NSA, and journalist Glenn Greenwald, widely known for writing a series of reports detailing U.S. surveillance programs based on classified documents disclosed by ...
    grace.chang
    last modified by grace.chang
  • Challenge: Create a new theme for our point level system

    Give us a hand in shaping the community!   We are changing the theme of our levels and want your feedback on what our new theme should be. We want our naming conventions customized, so start thinking of ideas! I...
    grace.chang
    last modified by grace.chang
  • Spotlighting Richard Hope

    Congratulations to Richard Hope (rhope) for being spotlighted as our Member of the Month for August! Both the Protect724 Team and members of the community such as rkent and balahasan.v have nominated Richard for this ...
    grace.chang
    last modified by grace.chang
  • Congrats to the winners of our pre-event training class raffle!

    Special thanks to all who participated in our HP Protect Conference Pre-event training class raffle!  Details here: Win a HP Protect Conference Pre-event training class!   The winners for the raffle are Anw...
    grace.chang
    last modified by grace.chang
  • The Cream Rises to the Top

    Original post can be found at RTFM, The Cream Rises to the Top. Scenario: You have an IDS you monitor but alerting on new e...
    carnivorouz
    last modified by carnivorouz
  • "Army of Loggers" RSyslog Load Balancing Config Tools

    These files are provided to assist the user in setting up RSyslog for load balancing across multiple Logger destinations, as will be presented at HP Protect 2015.   At present, these consist of:   A basic ...
    dskeeles
    last modified by dskeeles
  • Win a HP Protect Conference Pre-event training class!

    It's your lucky day! Our Protect724 Team wants the community to continue to stay up-to-date on training and classes and we will be offering EIGHT conference attendees a chance to win  ONE free pre-event training ...
    grace.chang
    last modified by grace.chang
  • Spotlighting Michael Schleich

    We'd like to spotlight Michael Schleich (mschleich) for the month of August! Our Protect724 Team and members of the community, rkent and balahasan.v, have nominated Michael for his quality answers and exceptional part...
    grace.chang
    last modified by grace.chang
  • Enter to win a backstage pass for a multi-time, Grammy-nominated pop-rock band!

    If you buy a HP Protect 2015 pass from August 10, 2015 to August 21, 2015, you will be entered to win a backstage pass to see OneRepublic at HP Protect 2015. The winner will receive special transportation to the venue ...
    grace.chang
    last modified by grace.chang
  • The winners of the HP Protect Pass are...

    Special thanks to all who participated in our HP Protect Raffle Challenge! Our Protect724 Community team was thoroughly impressed with the level of dedication users put in completing the raffle challenge! We shot...
    grace.chang
    last modified by grace.chang
  • Spotlighting Balahasan

    Drum roll...it is my absolute honor to highlight Balahasan (balahasan.v) as our  power user with the most questions answered on the ArcSight Community! From the start, he has brought in several great suggesti...
    grace.chang
    last modified by grace.chang
  • Want to win a HP Protect 2015 Conference Pass?

    Want to win a HP Protect Conference Pass? The Protect724 Community staff will be giving away 2 HP Protect Conference passes for the month of July and announcing the two winners the first week of August.   We ar...
    grace.chang
    last modified by grace.chang
  • Proactive Computer Network Defense Strategy - OSINT Real Time Threat Stream - Social/DarkNet Data Mining

    Project Start Date June 30, 2012   License GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007   Disclaimer All software provided as is. All software covered under the GPL license and free for public r...
    ali3n0ne
    last modified by ali3n0ne
  • Mapping Auditd UID to Username - Automated Map File Generation & Distribution

    Disclaimer ==== All software provided as is. All software covered under the GPL license and free for public redistribution. If unintended consequences occur due to utilization of this software, user bears the resulta...
    AlienOne
    last modified by AlienOne
  • Automation Export ArcSight System Tables, Archival, Checksum, Management of Export Archives

    Disclaimer ==== ''' All software provided as is. All software covered under the GPL license and free for public redistribution. If unintended consequences occur due to utilization of this software, user bears the res...
    AlienOne
    last modified by AlienOne
  • and Behold!…Lightweight rules

    Check chasemullins.com for the original posting. A new ArcSight Express/ESM version is here and with it comes the ability to use lightwe...
    carnivorouz
    last modified by carnivorouz
  • Shrug off Java 0-days (with expensive toys)

    Check RTFM, Shrug off Java 0-days (with expensive toys) for the original posting. Disclaimer: This cannot (effectively) be done without expensi...
    carnivorouz
    last modified by carnivorouz
  • Gone Phishing

    Original posting at chasemullins.com. Log Sources: Log all the things!! However, for the purpose of this post you only need your Exchange logs and those fr...
    carnivorouz
    last modified by carnivorouz
  • ArcSight OSINT Use Cases - OutPut TCP Syslog - CEF Event Stream

    Updated Twitter Monitoring Use Case ==== - Utilizing Python 3.4.0 - Utilizing Twython to interface with the Twitter Streaming API - Created $SHELL initialization scripts for CentOS/RHEL to run the twitter monitor...
    ali3n0ne
    last modified by ali3n0ne
  • Powershell - Parse ArcSight Smart Connector XML Configuration - Output CSV

    query the connector host system process table for any smart connectors installed on the system in state 'Running' parse smart connector XML configuration file located at $ARCSIGHT_CONNECTOR_HOME\current\user\agent\*....
    ali3n0ne
    last modified by ali3n0ne