Data sheet

HP ArcSight SmartConnector
supported products
The HP ArcSight library of out-of-the-box SmartConnectors provides source-optimized
collection for leading security commercial products. These products span the entire stack of
event-generating source types, from network and security devices to databases and enterprise
applications. SmartConnectors are the default listing in this document.
In addition to SmartConnectors developed and maintained by HP ArcSight, we test and certify
the following connector types through our Technology Alliances Program:
Common event format (CEF) Certifiedhelps ensure event information is captured properly
in the CEF
Action Certifiedallows for control of a vendors technology from within the HP ArcSight Console
Common event format are in bold below and Action are Italicized. If they have both they are
bold and Italicized.
HP ArcSight SmartConnector supported
platform for installation
CentOS-6.5, 6.6, and 7.0
Microsoft Windows Server 2008
SP2 32/64-bit
Microsoft Windows Server 2008
R2 SP1 64-bit
Microsoft Windows Server 2012
Standard 64-bit, R2 64-bit
Red Hat Enterprise Linux (RHEL)
6.4 64-bit
SUSE Linux 11 Enterprise Server 64-bit
Oracle Solaris 10 64-bit, 11 32-bit
IBM AIX version 7.1 64-bit
Anti-virus/Anti-spam
F-Secure Anti-Virus
Kaspersky Anti-Virus
McAfee VirusScan Enterprise
Sophos
Symantec Endpoint Protection Manager
(SEPM) DB SEP 12
Symantec Mail Security for Microsoft
Exchange
Trend Micro (TM) OfficeScan (Control
Manager and TM Control Manager
Database[DB])
Applications
IBM WebSphere
iT-CUBE agileSI SAP
Oracle WebLogic Server (BEA)
SAP enterprise resource planning (ERP)
Microsoft SharePoint Server DB

Application security
Arxan GuardIT
Bit9 + Carbon Black Security Platform
CA Layer 7 SecureSpan/CloudSpan
Gateway
Intralinks VIA
McAfee Application Control (Solidcore)
RSA Silver Tail Systems Forensics
Clinical/Healthcare applications
FairWarning
Cloud
Box
CloudPassage Halo
FlexConnector for REST
Zscaler Nanolog Streaming Service (NSS)
Content security
Gemalto (Safenet) eSafe Gateway
Barracuda (NetContinuum Web Firewall)
McAfee Email and Web Security Appliance
McAfee Web Gateway
Proofpoint Enterprise Protection and
Enterprise Privacy
Puresight Content Filter
Trend Micro Control Manager
Trend Micro InterScan Messaging Security
(Control Manager)
Trend Micro InterScan Web Security
(Control Manager)

Data sheet | HP ArcSight SmartConnector

supportedproducts

Database Activity Monitoring (DAM)/

DBsecurity
Trustwave Application Security DbProtect
IBM InfoSphere Guardium
Imperva SecureSphere
McAfee Sentrigo Hedgehog
(Enterprise and vPatch)
Database
IBM DB2
IBM DB2 UDB Audit File
IBM DB2 UDB Audit File, Multiple Instance
Microsoft SQL
Oracle Audit DB
Oracle Audit Vault
Oracle Audit Syslog
Oracle Audit XML11gR2
Sybase Adaptive Server Enterprise
Data leak prevention
Fidelis Cybersecurity XPS
GTB Inspector
McAfee Host Data Loss Prevention
Endpoints (HDLP)
Symantec DLP (Vontu)
Verdasys Digital Guardian
Data security
CyberArk Inter-Business Vault
CyberArk Sensitive Document Vault
Gemalto (Safenet) Ingrian
HP Atalla Network Security
Processor(NSP)
JBoss Security Auditing File
Vormetric Data Firewall
Vormetric Data Security Manager
Zettaset BDEncrypt
Firewall
Check Point FW-1
Cisco PIX Firewall
Cisco PIX/ASA Syslog
Juniper Networks (Altor Networks
Virtual Firewall)
Juniper Network Security Manager
(NetScreen)
Juniper Network Security Manager Syslog
Juniper Networks Firewall and VPN
McAfee Enterprise Syslog
Intrusion Detection System and Intrusion
Prevention Systemhost-based
IBM BlackICE Server Protection
(IBMSecurity SiteProtector System)
Symantec Critical System Protection
Database
Tripwire Enterprise Belden (Tripwire)

IDS/IPSnetwork-based
Broadweb NetKeeper
Bro IDS
Bro IDS NG File
Cisco Secure IPS
Extreme Networks Enterasys Dragon
HP TippingPoint Security Management
System (SMS)
IBM Proventia IPS Appliance (SiteProtector)
Juniper Networks IDP (NetScreen)
McAfee Network Security Manager
(Intru Shield)
NitroSecurity IPS
Radware DefensePro
Snort
Cisco Sourcefire Intrusion Sensor
Cisco Sourcefire Defense eStreamer
(Policy Violation)
Cisco Sourcefire Defense Center eStreamer
Cisco Sourcefire Real-time Network
Awareness (RNA) Sensor
IDM, IAM, and identity security
RSA Aveksa
BeyondTrust PowerBroker
Cisco Secure Access Control Server (ACS)
CyberArk Privileged Identity
Management (PIM) Suite
CyberArk Privileged Session Management
(PSM) Suite
Dell ChangeAuditor DB (Quest)
IBM Tivoli Access Manager
Juniper Steel-Belted Radius (SBR)
Lieberman Software Enterprise Random
Password Manager (ERPM)
Microsoft Active Directory
Microsoft Forefront
Microsoft Forefront DB
Microsoft Network Policy Server
Netwrix Auditor
Novell Nsure Audit
ObserveIT Enterprise
Oracle Sun ONE Directory Server
VMware PacketMotion PacketSentry
RSA Authentication Manager
Securonix RTI-Risk and Threat
Intelligence
SpectorSoft Spector 360 Export Service
Thycotic Secret Server

Data sheet | HP ArcSight SmartConnector

supportedproducts

Integrated security
Barracuda Spam Firewall
Cisco ASA 5500
Fortinet FortiGate
HP TippingPoint Next-Generation
Firewall (NGFW)
Palo Alto Networks PAN-OS
Secure Computing Sidewinder
Dell SonicWALL
Stonesoft StoneGate
IT operations
HP Operations Manager (OM and OMi)
HP OpenView Operations (OVO)
Log consolidation and analysis
Dell InTrust (fka Aelita Event Manager[AEM])
Enterprise IT Security SF-RiskSaver
LOGbinder SP
Qualys QualysGuard File, version 7.1
Mail filtering
Cisco IronPort Email Security Appliance
McAfee Email Gateway (Secure
Computing IronMail)
McAfee Security for Email Servers
(GroupShield)
Symantec Messaging Gateway
(MailSecurity 8200 Series)
Mainframe
CA Top Secret
IBM OS/390 (NVAS)
IBM OS/390 (SDSF)
IBM z/OS System Log
IBM eServer iSeries Audit Journal File
Helpsystems PowerTech Interact
Type80 SMA_RT for RACF
Type80 SMA_RT for CA Top Secret
IBM AS/400
Mail server
IBM Lotus Notes Domino Enterprise Server
Microsoft Exchange
Microsoft Exchange PowerShell
Microsoft Forefront for Exchange Server
Microsoft Forefront Protection Server
Management Console DB

Malware detection
AhnLab Malware Defense System (MDS)
Damballa CSP
Damballa Failsafe
FireEye Malware Protection
System(MPS)
FireEye Mandiant Intelligent Response
Guidance EnCase
HBGary Active Defense
Lastline Enterprise
TaaSera TaaS NetAnalyzer
Network access control
ForeScout CounterACT
Portnox Portnox
Network behavior anomaly
Arbor Networks Peakflow
Lancope StealthWatch
Qosmos DeepFlow Security
Network forensics
Narus nSystem
NIKSUN NetDetector
RSA NetWitness
Fidelis Cybersecurity (Access Data) CIRT
Network management
Cisco Wireless LAN Controller Syslog
HP Network Node Manager i SNMP
Lumeta Enterprise Situational
Intelligence (ESI)
Lumeta IPsonar
Network monitoring
ISC DHCP
ISC BIND
Microsoft Operations Manager DB (MOM)
Microsoft System Center Operations
Manager (SCOM) DB
Microsoft System Center Configuration
Manager DB
Microsoft DHCP
Microsoft DNS
Microsoft WINS
Network traffic analysis
Cisco NetFlow/Flexible NetFlow
NetScout nGenius
FireEye nPulse Hammerhead
QoSient Argus
InMon sFlow
Blue Coat Solera Networks DeepSee
TCPdump
Network traffic management
Cisco Distributed Director for Cisco 4500
Bro IDS

Data sheet | HP ArcSight SmartConnector

supportedproducts

Operating systems
IBM AIX Operating System
HP OpenVMS
HP-UX Operating System
HP-UX Syslog, version 11i v3
Microsoft Windows 7/NT/2000/2003/
XP/2008 Server/Vista
Microsoft Windows Event Logunified,
SQL Server 2012 for SQL Server audit
Red Hat Linux
Snare for Microsoft Windows
Solaris Basic Security module (BSM)
UNIX
SaberNet NTSyslog
HP NonStop servers (XYPRO
Merged Audit)
Packet capture
Ixia Anue Net Tool Optimizer
Physical systems/security
RedCloud (PlaSec)
Policy management
McAfee Policy Auditor
NetIQ Security Manager
Router
Cisco Router
Juniper Router (JUNOS)
HP H3C Comware Platform
Security management
Enterasys Dragon Server
IBM SiteProtector
iSIGHT ThreatScape API
Lookingglass ScoutVision
Malcovery MRTI
McAfee ePolicy Orchestrator (ePO)
McAfee Network Security Manager DB
McAfee Rogue System Detection (via ePO)
Microsoft Audit Collection Services
Symantec Enterprise Security
Manager(ESM)
Storage
HP c7000VCM syslog
NetApp filer (FAS)
EMC Celerra
EMC VNXe Storage Systems

For additional information on HP ArcSight

SmartConnector, visit the user community
website on Protect724 (need Protect724 login):
protect724.hp.com/community/arcsight/
productdocs/connectors.

Switch
Cisco Catalyst
Cisco CSS 11500 Series Content
ServicesSwitches
Cisco NX-OS
Foundry Networks BigIron
Brocade (Foundry Networks)
HP Ethernet switch
HP Networking Syslog

Virtualization
CounterTack Event Horizon
VMware ESX/ESXi Server
VMware Virtual Center
VPN
Check Point VPN-1
Cisco VPN Concentrator
Citrix NetScaler
Juniper/NetScreen (Neoteris) SSL VPN
Nortel Contivity Extranet Switch
Vulnerability assessment
eEye REM Security Management Console
eEye Retina Network Security Scanner
Harris STAT Scanner
IBM Internet Scanner
McAfee Vulnerability Manager (FoundScan)
nCircle IP360 Device Profiler
nCircle IP360 Threat Monitor
Nmap
Open Vulnerability and Assessment
Language (OVAL) Standard
QualysGuard
Rapid 7 Nexpose
Tenable Nessus
SAINT Vulnerability Scanner
Web cache
Blue Coat Proxy SG Series
Microsoft Internet Security and
Acceleration(ISA)
Squid Web Proxy Cache
Web filtering
Cisco IronPort Web Security Appliance
Websense Web Security Suite
Web server
Apache
Microsoft Internet Information Services (IIS)
Oracle Sun ONE
Wireless
AirDefense Guard
Fluke Network AirMagnet Enterprise
AirTight Mgmt Console
Aruba WLAN Mobility Controller
Cisco Mobility Services Engine

Data sheet | HP ArcSight SmartConnector

supportedproducts

HP ArcSight SmartConnector list

The HP ArcSight library of out-of-the-box SmartConnectors provides source-optimized
collection for leading security vendor commercial products. These products span the entire
stack of event-generating source types, from network and security devices to databases and
enterprise applications. Company/Product is the default listing in this document but it links to
the overall SmartConnector and CEF documents.
ActivCard AAA Server DB
AirDefense Guard
AirMagnet Enterprise
Aladdin eSafe Gateway
Apache
Arbor Networks Peakflow
Aruba WLAN Mobility Controller
Barracuda Spam Firewall
Barracuda (NetContinuum Web Firewall)
Blue Coat Proxy SG Series
Box
Bro IDS
Bro IDS NG File
Broadweb NetKeeper
CA Top Secret
CentOS
Check Point FW-1
Check Point VPN-1
Cisco ASA 5500
Cisco Catalyst
Cisco CSS 11500 Series Content
ServicesSwitches
Cisco Distributed Director 4500
Cisco IPS Sensor
Cisco IronPort Email Security Appliance
Cisco IronPort Web Security Appliance
Cisco Security MARS
Cisco Mobility Services Engine
Cisco NetFlow/Flexible NetFlow
Cisco NX-OS
Cisco PIX Firewall
Cisco PIX/ASA Syslog, version 8.5, 8.6, 9.3
Cisco Router
Cisco ACS
Cisco Secure IDS
Cisco Security Agent (Okena)
Cisco WIPS SNMP
Cisco Wireless LAN Controller Syslog
CiscoWorks
CounterSnipe
HP Network Node Manager i SNMP

eEye REM Security Management Console

eEye Retina Network Security Scanner
EMC Celerra
Enterasys Dragon
Enterasys Dragon Server
FlexConnector for REST
Fortinet FortiGate
Foundry Networks BigIron
F-Secure Anti-Virus
Harris STAT Scanner
HP Ethernet switch
HP H3C Comware Platform
HP OpenVMS
HP OM and OMi
HP Networking Syslog
HP TippingPoint SMS
HP-UX Operating System
HP-UX Syslog, version 11i v3
IBM AIX Operating System
IBM AIX version 7.1, 64-bit
IBM BlackICE Server Protection
IBM DB2
IBM DB2 UDB Audit File, Multiple Instance
IBM DB2 UDB Audit File, version 10
IBM Internet Scanner
IBM Lotus Notes Domino Enterprise Server
IBM OS/390 (NVAS)
IBM OS/390 (SDSF) Type80 SMA_RT
forRACF
IBM Proventia IPS Appliance (SiteProtector)
IBM RealSecure Server Sensor
IBM RealSecure Workgroup Manager
IBM Security SiteProtector System
IBM SiteProtector
IBM Tivoli Access Manager
IBM WebSphere
Ingrian
InMon sFlow
ISC BIND
ISC DHCP
JBoss Security Auditing File 7.1

Data sheet | HP ArcSight SmartConnector

supportedproducts

Juniper Network Security Manager

(NetScreen)
Juniper Network Security Manager Syslog,
version 2011.4
Juniper Networks Firewall and VPN
Juniper Networks IDP (NetScreen)
Juniper Router (JUNOS)
Juniper SBR
Juniper/NetScreen (Neoteris) SSL VPN
Kaspersky Anti-Virus
Lucent Managed Firewall
Mazu Profiler
McAfee Application Control (Solidcore)
McAfee Desktop Firewall
McAfee Email Gateway (Secure
Computing IronMail)
McAfee ePO
McAfee HDLP
McAfee Network Security Manager
(Intru Shield)
McAfee Network Security Manager DB
McAfee Policy Auditor
McAfee Rogue System Detection (via ePO)
McAfee Security for Email Servers
(GroupShield)
McAfee VirusScan Enterprise
McAfee Vulnerability Manager (FoundScan)
McAfee Web Gateway
MessageGate
Microsoft Active Directory
Microsoft Audit Collection Services
Microsoft DHCP
Microsoft DNS
Microsoft Exchange
Microsoft Exchange PowerShell
Microsoft Forefront
Microsoft Forefront DB
Microsoft Forefront for Exchange Server
Microsoft Forefront Protection Server
Management Console DB
Microsoft IIS
Microsoft ISA
Microsoft Network Policy Server
(WindowsIAS/RADIUS)

Microsoft Operations Manager (MOM) DB

Microsoft SharePoint Server DB
Microsoft SQL
Microsoft System Center Configuration
Manager DB
Microsoft SCOM DB
Microsoft Windows 7/8/2003/XP/2008 Server/
Vista
Microsoft Windows Event Logunified SQL
Server 2012 for SQL Server audit
Microsoft Windows Server 2003 R2 (SP2)
32/64-bit
Microsoft Windows
Server 2008 R2 SP1 64-bit
Microsoft Windows
Server 2008 SP2 32/64-bit
Microsoft Windows
Server 2012 Standard 64-bit
Microsoft WINS
Mirage Networks CounterPoint
nCircle IP360 Device Profiler
nCircle IP360 Threat Monitor
NetApp filer (FAS)
NetIQ Security Manager
NFR Central Management Server
NFR Security HID
NFR Security NID
NitroSecurity IPS
Nmap
Nortel Contivity Extranet Switch
Novell Nsure Audit
Oracle Audit DB
Oracle Audit Syslog, version 11gR2
Oracle Audit Vault
Oracle Audit XML
Oracle Solaris 10, 64-bit
Oracle Sun ONE Directory Server
Oracle WebLogic Server (BEA)
OVAL
PacketAlarm IDS
Proofpoint Enterprise Protection and
Enterprise Privacy
Puresight Content Filter

Data sheet | HP ArcSight SmartConnector

supportedproducts

QoSient Argus
QualysGuard
Qualys QualysGuard File, version 7.1
Dell (Quest) ChangeAuditor DB
Dell (Quest) InTrust (fka AEM)
Radware DefensePro
Rapid 7 Nexpose
RHEL 6.4 64-bit
Red Hat Linux
RSA Access Manager (ClearTrust)
RSA Authentication Manager
SaberNet NTSyslog
SAINT Vulnerability Scanner
SAP ERP
Secure Computing Gauntlet Firewall/VPN
Secure Computing SafeWord PremierAccess
Secure Computing Sidewinder
Secure Computing Webwasher
Snare for Microsoft Windows
Snort
Solaris BSM
Solsoft Policy Server
SonicWALL
Sophos
Sourcefire Defense Center eStreamer,
version 5.0.2, 5.1
Sourcefire Defense Center management
console
Sourcefire Intrusion Sensor
Sourcefire RNA Sensor
Squid Web Proxy Cache

Sun ONE
SUSE Linux 11 Enterprise Server 64-bit
Sybase Adaptive Server Enterprise
Symantec Critical System Protection
Database
Symantec DLP (Vontu)
SEPM DB SEP 12
Symantec ESM
Symantec Mail Security for
MicrosoftExchange
Symantec Messaging Gateway
(MailSecurity 8200 Series)
TCPdump
Tenable Nessus
Top Layer Attack Mitigator
Trend Micro Control Manager
Trend Micro InterScan Messaging Security
(Control Manager)
Trend Micro InterScan Web Security
(Control Manager)
Trend Micro OfficeScan (Control Manager
and TM Control Manager DB)
Trend Micro ScanMail for Lotus Domino
(Control Manager)
Type80 SMA_RT for CA Top Secret
UNIX
VMware ESX/ESXi Server
VMware Virtual Center
Vormetric Data Security Manager
Websense Web Security Suite

Data sheet | HP ArcSight SmartConnector

supportedproducts

HP ArcSight CEF/Action connector list

In addition to SmartConnectors developed and maintained by HP ArcSight, we test and certify
the following 81 connector types through our Technology Alliance Program:
CEF Certifiedhelps ensure event information is captured properly in the CEF
Action Certifiedallows for control of a vendors technology from within the HP ArcSight Console

Action Certified solutions:

RSA Aveksa
CyberArk PSM Suite
ForeScout CounterACT
Guidance EnCase
Ixia Anue Net Tool Optimizer
FireEye Mandiant Intelligent Response
Proofpoint NetCitadel ThreatOptics
FireEye nPulse Hammerhead
Securonix RTI
Blue Coat Solera DeepSee
Verdasys Digital Guardian

Sign up for updates

hp.com/go/getupdated

CEF Certified solutions:

AhnLab MDS
AirTight SpectraGuard
Arxan GuardIT
Beldon (Tripwire) Enterprise
BeyondTrust PowerBroker
Bit9 + Carbon Black Security Platform
CA Layer 7 SecureSpan/CloudSpan Gateway
CloudPassage Halo
CorreLog dbDefender
CounterTack Event Horizon
CyberArk Inter-Business Vault
CyberArk PIM Suite
CyberArk Sensitive Document Vault
Damballa CSP
Damballa Failsafe
FairWarning
Fidelis Cybersecurity (Access Data) CIRT
Fidelis Cybersecurity XPS
FireEye Mandiant Intelligent Response
FireEye MPS
ForeScout CounterACT
GTB Inspector
Helpsystems PowerTech Interact
HP Atalla NSP
HP NonStop servers (XYPRO Merged Audit)
HP TippingPoint NGFW
IBM InfoSphere Guardium
Imperva SecureSphere
iSIGHT ThreatScape API
iT-CUBE agileSI SAP
Intralinks VIA
Juniper Networks (Altor Networks
Virtual Firewall)
Lancope StealthWatch

Share with colleagues

Lastline Enterprise Anti-Malware

Lieberman Software ERPM
LOGbinder SP
Lookingglass ScoutVision
Lumeta ESI
Lumeta IPsonar
Malcovery MRTI
Mantech HBGary Active Defense
McAfee Email and Web Security Appliance
McAfee Sentrigo Hedgehog (Enterprise
and vPatch)
McAfee Stonesoft StoneGate
NetScout nGenius
Netwrix Auditor
NIKSUN NetDetector
ObserveIT Enterprise
Palo Alto Networks PAN-OS
Portnox Portnox
Qosmos DeepFlow Security
RedCloud (PlaSec)
RSA NetWitness
RSA Silver Tail Systems Forensics
SailPoint IdentityIQ
Savvius Omni Distributed Analysis Platform
Securonix RTI
SpectorSoft Spector 360 Export Service
Symantec (Narus) nSystem
TaaSera TaaS NetAnalyzer
Thycotic Secret Server
Trend Micro Deep Security
Trustwave Application Security DbProtect
Verdasys Digital Guardian
Vormetric Data Firewall
Zettaset BDEncrypt
Zscaler NSS

Rate this document

Copyright 20142015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein
should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Microsoft, Windows, and Windows Server are
either registered trademarks or trademarks of are U.S. registered trademarks of the Microsoft group of companies. Oracle is a registered trademark of
Oracle and/or its affiliates. Red Hat is a registered trademark of Red Hat, Inc. in the United States and other countries. SAP is the trademark or registered
trademark of SAP SE in Germany and in several other countries. UNIX is a registered trademark of The Open Group. Citrix is a registered trademark of
Citrix Systems, Inc. and/or one more of its subsidiaries and may be registered in the United States Patent and Trademark Office and in other countries.
Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. VMware is a registered trademark or trademark of VMware, Inc. in the
United States and/or other jurisdictions. sFlow is a registered trademark of InMon Corp.
4AA5-3404ENW, July 2015, Rev. 3