The community has a new login process
The community single sign-on system has been changed. Learn more about it HERE

Connector How To: Filtering and Aggregation

Connector How To: Filtering and Aggregation

When collecting events from devices is best practice to check and analyse the events and limit the amount sent to the ESM to save Bandwidth and improve Performance. Only collect the events that are actually useful for analysis in your environment and discard any other events that are not necessary to your organisation, you do not want to really collect all and everything just for the sake of it, but you want to collect only information that make sense to have for investigation. Having said that, for compliance you may need to collect ALL events, in that case I would suggest using our Logger software for storing all the events and the ESM for analysis (and in that case filter out wat is not really needed).

Find below some useful information and KB articles to assist:

Hope this helps,

Regards,

Salvatore

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Comments
rburra251

Hi Alba,

thanks for this post it will be really helpful in optimising the ESM however, I couldn't find the below documents.

Process of Event Aggregation - KM1271058

Filter Aggregation not Working - KM1272363

Creating Report for Aggregation - KM1272876

Configuring Without Console - KM1271389


Can you please provide me URL's for the above documents???


Thanks,

Rahul

salvatore.alba@

Hi Raul,

Thanks for your comment, to view and search our Knolwedge Base articles you will need to login into our SSO portal here: https://softwaresupport.hp.com/group/softwaresupport/search-result

Hope this helps,

Salvatore

shezaf1

Now updated with links.

richard_kouadio

this post should be remove are the link are no longer active, it has become really useless and frustrating.

salvatore.alba@

Hi Richard,

Sorry about that, the KB article number is still available, a quick search on the Knowledge Base still produce the article: https://softwaresupport.softwaregrp.com/doc/KM1271058

 

The Knowledge Base is now reachable at this link:

https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result

 

Process of Event Aggregation - KM1271058

Filter Aggregation not Working - KM1272363

Creating Report for Aggregation - KM1272876

Configuring Without Console - KM1271389

 

Hope this helps :)

 

Salvatore

Top Contributors
Version history
Revision #:
1 of 1
Last update:
‎2015-08-21 05:41
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.