I have a requirement where I need to send my application audit logs to ArcSight SEIM. We have configured our application servers to send logs to ELK using file beat and marric beat, but we need to further send the application audit logs to ArcSight. I read about "logstash arcsight module" but as per documentation it helps in sending logs from ArcSight to ELK.
Any pointers will help.
Hi soumya rani
Could you please provide details about which document you are referring to? Also, please let us know which Sophos product you are currently using?