Solved: Re: Usecases for Arista switch for Chronicle SIEM

NE_15 · 03-05-2024 09:18 PM

Does anyone know 5 different use cases for arista switch for chronicle SIEM

dnehoda

Hello,

I cannot think of 5 but, I can get you started with 3.

1.) Logging of access to the device

2.) Port security - 802.1x changes

3.) configuration changes

View solution in original post

dnehoda

I'm sorry but I dont understand your question here?

What does write the usecase mean?

View solution in original post

dnehoda

If the data is already being sent Chronicle, you would just need to do a
search for the appropriate fields.

If it’s not, you will most likely need to setup a forwarder or use the
ingestion api to get that data into Chronicle.

If you have not done that yet, please open a ticket with our support team.
Thank you!

View solution in original post

NE_15

Hi ,

I got it Thanks ! Appreciate your help 🙂

View solution in original post

dnehoda

Hello,

I cannot think of 5 but, I can get you started with 3.

1.) Logging of access to the device

2.) Port security - 802.1x changes

3.) configuration changes

NE_15

Hi ,

Can you help me in writing the usecase for the one you mentioned above. Would greatly appreciate it.

dnehoda

I'm sorry but I dont understand your question here?

What does write the usecase mean?

NE_15

I mean can you please help me with one example for the above usecase!

dnehoda

If the data is already being sent Chronicle, you would just need to do a
search for the appropriate fields.

If it’s not, you will most likely need to setup a forwarder or use the
ingestion api to get that data into Chronicle.

If you have not done that yet, please open a ticket with our support team.
Thank you!

NE_15

Hi ,

I got it Thanks ! Appreciate your help 🙂