HP ArcSight SmartConnector
supported products
The HP ArcSight library of out-of-the-box SmartConnectors provides source-optimized
collection for leading commercial security products. These products span the entire stack of
event-generating source types, from network and security devices to databases and enterprise
applications. SmartConnectors are the default listing in this document.
In addition to SmartConnectors developed and maintained by HP ArcSight, we test and certify
the following connector types through our Technology Alliances Program:
Common event format (CEF) Certified: helps ensure event information is captured properly
in the CEF
Action Certified: allows for control of a vendor's technology from within the HP ArcSight Console
CEF Certified connectors are in bold below and Action Certified connectors are italicized.
Connectors that have both certifications are bold and italicized.
HP ArcSight SmartConnector supported
platform for installation
CentOS-6.5, 6.6, and 7.0
Microsoft Windows Server 2008
SP2 32/64-bit
Microsoft Windows Server 2008
R2 SP1 64-bit
Microsoft Windows Server 2012
Standard 64-bit, R2 64-bit
Red Hat Enterprise Linux (RHEL)
6.4 64-bit
SUSE Linux 11 Enterprise Server 64-bit
Oracle Solaris 10 64-bit, 11 32-bit
IBM AIX version 7.1 64-bit
Anti-virus/Anti-spam
F-Secure Anti-Virus
Kaspersky Anti-Virus
McAfee VirusScan Enterprise
Sophos
Symantec Endpoint Protection Manager
(SEPM) DB SEP 12
Symantec Mail Security for Microsoft
Exchange
Trend Micro (TM) OfficeScan (Control
Manager and TM Control Manager
Database [DB])
Applications
IBM WebSphere
iT-CUBE agileSI SAP
Oracle WebLogic Server (BEA)
SAP enterprise resource planning (ERP)
Microsoft SharePoint Server DB
Application security
Arxan GuardIT
Bit9 + Carbon Black Security Platform
CA Layer 7 SecureSpan/CloudSpan
Gateway
Intralinks VIA
McAfee Application Control (Solidcore)
RSA Silver Tail Systems Forensics
Clinical/Healthcare applications
FairWarning
Cloud
Box
CloudPassage Halo
FlexConnector for REST
Zscaler Nanolog Streaming Service (NSS)
Content security
Gemalto (Safenet) eSafe Gateway
Barracuda (NetContinuum Web Firewall)
McAfee Email and Web Security Appliance
McAfee Web Gateway
Proofpoint Enterprise Protection and
Enterprise Privacy
Puresight Content Filter
Trend Micro Control Manager
Trend Micro InterScan Messaging Security
(Control Manager)
Trend Micro InterScan Web Security
(Control Manager)
IDS/IPS: network-based
Broadweb NetKeeper
Bro IDS
Bro IDS NG File
Cisco Secure IPS
Extreme Networks Enterasys Dragon
HP TippingPoint Security Management
System (SMS)
IBM Proventia IPS Appliance (SiteProtector)
Juniper Networks IDP (NetScreen)
McAfee Network Security Manager
(IntruShield)
NitroSecurity IPS
Radware DefensePro
Snort
Cisco Sourcefire Intrusion Sensor
Cisco Sourcefire Defense eStreamer
(Policy Violation)
Cisco Sourcefire Defense Center eStreamer
Cisco Sourcefire Real-time Network
Awareness (RNA) Sensor
IDM, IAM, and identity security
RSA Aveksa
BeyondTrust PowerBroker
Cisco Secure Access Control Server (ACS)
CyberArk Privileged Identity
Management (PIM) Suite
CyberArk Privileged Session Management
(PSM) Suite
Dell ChangeAuditor DB (Quest)
IBM Tivoli Access Manager
Juniper Steel-Belted Radius (SBR)
Lieberman Software Enterprise Random
Password Manager (ERPM)
Microsoft Active Directory
Microsoft Forefront
Microsoft Forefront DB
Microsoft Network Policy Server
Netwrix Auditor
Novell Nsure Audit
ObserveIT Enterprise
Oracle Sun ONE Directory Server
VMware PacketMotion PacketSentry
RSA Authentication Manager
Securonix RTI-Risk and Threat
Intelligence
SpectorSoft Spector 360 Export Service
Thycotic Secret Server
Integrated security
Barracuda Spam Firewall
Cisco ASA 5500
Fortinet FortiGate
HP TippingPoint Next-Generation
Firewall (NGFW)
Palo Alto Networks PAN-OS
Secure Computing Sidewinder
Dell SonicWALL
Stonesoft StoneGate
IT operations
HP Operations Manager (OM and OMi)
HP OpenView Operations (OVO)
Log consolidation and analysis
Dell InTrust (fka Aelita Event Manager [AEM])
Enterprise IT Security SF-RiskSaver
LOGbinder SP
Qualys QualysGuard File, version 7.1
Mail filtering
Cisco IronPort Email Security Appliance
McAfee Email Gateway (Secure
Computing IronMail)
McAfee Security for Email Servers
(GroupShield)
Symantec Messaging Gateway
(MailSecurity 8200 Series)
Mainframe
CA Top Secret
IBM OS/390 (NVAS)
IBM OS/390 (SDSF)
IBM z/OS System Log
IBM eServer iSeries Audit Journal File
Helpsystems PowerTech Interact
Type80 SMA_RT for RACF
Type80 SMA_RT for CA Top Secret
IBM AS/400
Mail server
IBM Lotus Notes Domino Enterprise Server
Microsoft Exchange
Microsoft Exchange PowerShell
Microsoft Forefront for Exchange Server
Microsoft Forefront Protection Server
Management Console DB
Malware detection
AhnLab Malware Defense System (MDS)
Damballa CSP
Damballa Failsafe
FireEye Malware Protection
System (MPS)
FireEye Mandiant Intelligent Response
Guidance EnCase
HBGary Active Defense
Lastline Enterprise
TaaSera TaaS NetAnalyzer
Network access control
ForeScout CounterACT
Portnox Portnox
Network behavior anomaly
Arbor Networks Peakflow
Lancope StealthWatch
Qosmos DeepFlow Security
Network forensics
Narus nSystem
NIKSUN NetDetector
RSA NetWitness
Fidelis Cybersecurity (Access Data) CIRT
Network management
Cisco Wireless LAN Controller Syslog
HP Network Node Manager i SNMP
Lumeta Enterprise Situational
Intelligence (ESI)
Lumeta IPsonar
Network monitoring
ISC DHCP
ISC BIND
Microsoft Operations Manager DB (MOM)
Microsoft System Center Operations
Manager (SCOM) DB
Microsoft System Center Configuration
Manager DB
Microsoft DHCP
Microsoft DNS
Microsoft WINS
Network traffic analysis
Cisco NetFlow/Flexible NetFlow
NetScout nGenius
FireEye nPulse Hammerhead
QoSient Argus
InMon sFlow
Blue Coat Solera Networks DeepSee
TCPdump
Network traffic management
Cisco Distributed Director for Cisco 4500
Bro IDS
Operating systems
IBM AIX Operating System
HP OpenVMS
HP-UX Operating System
HP-UX Syslog, version 11i v3
Microsoft Windows 7/NT/2000/2003/
XP/2008 Server/Vista
Microsoft Windows Event Log - unified,
SQL Server 2012 for SQL Server audit
Red Hat Linux
Snare for Microsoft Windows
Solaris Basic Security module (BSM)
UNIX
SaberNet NTSyslog
HP NonStop servers (XYPRO
Merged Audit)
Packet capture
Ixia Anue Net Tool Optimizer
Physical systems/security
RedCloud (PlaSec)
Policy management
McAfee Policy Auditor
NetIQ Security Manager
Router
Cisco Router
Juniper Router (JUNOS)
HP H3C Comware Platform
Security management
Enterasys Dragon Server
IBM SiteProtector
iSIGHT ThreatScape API
Lookingglass ScoutVision
Malcovery MRTI
McAfee ePolicy Orchestrator (ePO)
McAfee Network Security Manager DB
McAfee Rogue System Detection (via ePO)
Microsoft Audit Collection Services
Symantec Enterprise Security
Manager (ESM)
Storage
HP c7000VCM syslog
NetApp filer (FAS)
EMC Celerra
EMC VNXe Storage Systems
Switch
Cisco Catalyst
Cisco CSS 11500 Series Content
Services Switches
Cisco NX-OS
Foundry Networks BigIron
Brocade (Foundry Networks)
HP Ethernet switch
HP Networking Syslog
Virtualization
CounterTack Event Horizon
VMware ESX/ESXi Server
VMware Virtual Center
VPN
Check Point VPN-1
Cisco VPN Concentrator
Citrix NetScaler
Juniper/NetScreen (Neoteris) SSL VPN
Nortel Contivity Extranet Switch
Vulnerability assessment
eEye REM Security Management Console
eEye Retina Network Security Scanner
Harris STAT Scanner
IBM Internet Scanner
McAfee Vulnerability Manager (FoundScan)
nCircle IP360 Device Profiler
nCircle IP360 Threat Monitor
Nmap
Open Vulnerability and Assessment
Language (OVAL) Standard
QualysGuard
Rapid 7 Nexpose
Tenable Nessus
SAINT Vulnerability Scanner
Web cache
Blue Coat Proxy SG Series
Microsoft Internet Security and
Acceleration (ISA)
Squid Web Proxy Cache
Web filtering
Cisco IronPort Web Security Appliance
Websense Web Security Suite
Web server
Apache
Microsoft Internet Information Services (IIS)
Oracle Sun ONE
Wireless
AirDefense Guard
Fluke Network AirMagnet Enterprise
AirTight Mgmt Console
Aruba WLAN Mobility Controller
Cisco Mobility Services Engine
QoSient Argus
QualysGuard
Qualys QualysGuard File, version 7.1
Dell (Quest) ChangeAuditor DB
Dell (Quest) InTrust (fka AEM)
Radware DefensePro
Rapid 7 Nexpose
RHEL 6.4 64-bit
Red Hat Linux
RSA Access Manager (ClearTrust)
RSA Authentication Manager
SaberNet NTSyslog
SAINT Vulnerability Scanner
SAP ERP
Secure Computing Gauntlet Firewall/VPN
Secure Computing SafeWord PremierAccess
Secure Computing Sidewinder
Secure Computing Webwasher
Snare for Microsoft Windows
Snort
Solaris BSM
Solsoft Policy Server
SonicWALL
Sophos
Sourcefire Defense Center eStreamer,
version 5.0.2, 5.1
Sourcefire Defense Center management
console
Sourcefire Intrusion Sensor
Sourcefire RNA Sensor
Squid Web Proxy Cache
Sun ONE
SUSE Linux 11 Enterprise Server 64-bit
Sybase Adaptive Server Enterprise
Symantec Critical System Protection
Database
Symantec DLP (Vontu)
SEPM DB SEP 12
Symantec ESM
Symantec Mail Security for
Microsoft Exchange
Symantec Messaging Gateway
(MailSecurity 8200 Series)
TCPdump
Tenable Nessus
Top Layer Attack Mitigator
Trend Micro Control Manager
Trend Micro InterScan Messaging Security
(Control Manager)
Trend Micro InterScan Web Security
(Control Manager)
Trend Micro OfficeScan (Control Manager
and TM Control Manager DB)
Trend Micro ScanMail for Lotus Domino
(Control Manager)
Type80 SMA_RT for CA Top Secret
UNIX
VMware ESX/ESXi Server
VMware Virtual Center
Vormetric Data Security Manager
Websense Web Security Suite
Copyright 2014-2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein
should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Microsoft, Windows, and Windows Server are
either registered trademarks or trademarks of are U.S. registered trademarks of the Microsoft group of companies. Oracle is a registered trademark of
Oracle and/or its affiliates. Red Hat is a registered trademark of Red Hat, Inc. in the United States and other countries. SAP is the trademark or registered
trademark of SAP SE in Germany and in several other countries. UNIX is a registered trademark of The Open Group. Citrix is a registered trademark of
Citrix Systems, Inc. and/or one or more of its subsidiaries and may be registered in the United States Patent and Trademark Office and in other countries.
Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. VMware is a registered trademark or trademark of VMware, Inc. in the
United States and/or other jurisdictions. sFlow is a registered trademark of InMon Corp.
4AA5-3404ENW, July 2015, Rev. 3