L2-Entity Monitoring (Obsolete)

OpenText OpenText Community

App Support Tiers

OpenText SUPPORTED

Support via OpenText Software Support, with a ticket filed against the associated product.

PARTNER

OpenText offers a content partnership program for select partners. Support for Partner Content offerings is provided by the partner and not by OpenText of the OpenText community.

OpenText COMMUNITY

OpenText Community Content is provided by OpenText for the benefit of customers, support for it is not available via OpenText Software Support but through specific community content forums.

COMMUNITY

Community Contributed Content is provided by OpenText customers and supported by them.

EARLY ACCESS

Show less ...Show more

The downloads referenced under the "Cybersecurity Early Access" category are made available to subscribers to mitigate time-critical issues but have not undergone formal quality and performance testing associated with official OpenText/Cybersecurity product releases. OpenText has a multi-stage Quality Assurance process. During Stage 1 we conduct a resource analysis, field mapping, ensure content level 1 functionality and analysis in our sandbox environment. Stage 2 is a complete validation including production validation. This package has cleared Stage 1 validation and therefore should be deployed with the appropriate pre-production validation. OpenText strongly recommends that any downloaded content is first checked and tested thoroughly in a non-production environment before committing to production. We welcome feedback and, should any content be shown to be faulty, detrimental or carry an incorrect claim of authorship, we shall endeavor to remove or correct such content as promptly as reasonably possible once notified and validated.

OpenText | OpenText Community

The L2-Entity Monitoring - Situational Awareness package is designed to identify anomalies dealing with account authentication and management.

1,031 downloads

Description

The L2-Entity Monitoring - Situational Awareness package is designed to identify anomalies dealing with account authentication and management. This package has to be integrated with any Product packages that track account activities. This package requires configured L1-Entity Monitoring - Indicators and Warnings package for further detection and investigations.

The idea to have the L2-Entity Monitoring - Situational Awareness package is to build some common functionality (such as Rules) that can be applied to multiple Product packages. Wherever possible, only the filters will reside within the product packages. Those filters in the product package will then be linked into an OR statement in the null (false) L1 package filter where appropriate.

Minimum Requirements

Activate Base - Version 2.5.0.0 and higher

L1-Entity Monitoring - Indicators and Warnings 1.2.0.0

Suggested apps

FREE

New

OpenText COMMUNITY

Activate P-Windows (Obsolete)

OpenText

The P-Microsoft Windows package offers an easy way to monitor both host and entity related individual incidents. This package supports L1 & L2 Host Monitoring and L1 & L2 Entity Monitoring Use Cases and User Stories.

Playbook-Admin Account Check

OpenText

A Playbook for Admin Account Check Usecase

IBM DB2

OpenText

This Novell Sentinel Collector provides data-capture capabilities for IBM DB2 and related products.

FREE

New

OpenText COMMUNITY

MITRE ATTACK Package for ArcSight Logger

OpenText

The Logger MITRE ATT&CK Package is a set of Logger Searches which let you hunt MITRE ATT&CK related activity.

McAfee Network Security Platform

OpenText

This Novell Sentinel Collector provides data-capture capabilities for McAfee Network Security Platform and related products.

FREE

New

OpenText COMMUNITY

Playbook-Check IP Reputation from Multiple Sources

OpenText

A Playbook for Check IP Reputation from Multiple Sources Usecase

SNMP

OpenText

This Novell Sentinel Connector allows you to connect to SNMP event sources and collect generated events.

FREE

New

OpenText

Tenable Network Security Nessus

OpenText

This NetIQ Sentinel Collector provides data-capture capabilities for Tenable Nessus and related products.

FREE

New

OpenText

Cisco Aironet

OpenText

This Novell Sentinel Collector provides data-capture capabilities for Cisco Aironet and related products.

Releases

Release

Size

Date

L2-Entity Monitoring - Situational Awareness 1.3.0.1

21.2 KB

Dec 4, 2019

More info Less info

Product compatibility

OpenText Enterprise Security Manager

Version 6.8 · 6.11.0 · 6.9.1

Version 7.0 · 7.2 · 7.3 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

On this release we have added Mitre Att&ck tagging for the following use cases:

Privileged User Account Logon Failure - T1110 - Brute Force
Privileged User Account Locked - T1110 - Brute Force
Privileged User Account Locked Multiple Times - T1110 - Brute Force
Privileged User Account Modification - T1098 - Account Manipulation
User Account Added to the Privileged Group - T1098 - Account Manipulation
Terminated User Account Added to the Privileged Group - T1098 - Account Manipulation

Languages

English

Files

L2-Entity Monitoring - Situational Awareness 1.2.0.1

18.7 KB

Aug 17, 2018

More info Less info

Product compatibility

OpenText Enterprise Security Manager

Version 6.8 · 6.11.0 · 6.9.1

Version 7.0 · 7.2 · 7.3 · 7.4 · 7.5 · 7.6 · 7.7 · 7.8

Release notes

Micro Focus rebranding changes.

Languages

English

Files

L2-Entity Monitoring - Situational Awareness 1.2.0.0

18.7 KB

Jan 25, 2018

More info Less info

Product compatibility

OpenText Enterprise Security Manager

Version 6.8 · 6.11.0 · 6.9.1

Release notes

This update includes minor bug fixes.

Languages

English

Files

Resources

Change Log and Discussion Forum

ArcSight Activate Framework

Documentation

Activate Wiki

Activate License

Activate Framework Installation and Configuration

Marketplace

Marketplace

L2-Entity Monitoring (Obsolete)

Product compatibility

CATEGORY

Description

Minimum Requirements

Suggested apps

Activate P-Windows (Obsolete)

Playbook-Admin Account Check

IBM DB2

MITRE ATTACK Package for ArcSight Logger

McAfee Network Security Platform

Playbook-Check IP Reputation from Multiple Sources

SNMP

Tenable Network Security Nessus

Cisco Aironet

Releases

Resources

Sign in

Marketplace

L2-Entity Monitoring (Obsolete)

App Support Tiers

Product compatibility

CATEGORY

Description

Minimum Requirements

Suggested apps

Activate P-Windows (Obsolete)

Playbook-Admin Account Check

IBM DB2

MITRE ATTACK Package for ArcSight Logger

McAfee Network Security Platform

Playbook-Check IP Reputation from Multiple Sources

SNMP

Tenable Network Security Nessus

Cisco Aironet

Releases

Resources

Unsubscribe from notifications

Marketplace Terms of Service

Your download has begun