DOC-15107 - ESM Content Synchronization Script - Installation and Usage Guide

Summary:

The document provides a guide on how to handle special characters, particularly the dot (.) character, in resource and group names within an ESM platform. To avoid conflicts or issues caused by the use of dots, it suggests avoiding them altogether in these names. If a dot must be included, modify the content_sync.py code accordingly. Specifically, replace the original check for dots with one that specifically looks for the string 'Meta.Group' to ensure no confusion occurs when using special characters or strings within resource and group names.

Details:

The provided content is a summary of various documents and their authors, categorized under different sections such as "Use Cases," "FlexConnectors," and "ArcSight." These documents are related to the ESM (Enterprise Security Management) platform from iRock. Here's an overview of what each document appears to cover based on the titles: 1. **ArcSight Default Content - Ideas & Input Needed Urgently** by Emrah Alpa in Use Cases

• This suggests a need for ideas and inputs regarding ArcSight default content, indicating potential gaps or requirements within the platform that could be addressed through community input.

2. **Scissorhands or making our life easier with ESM logs** by Daniel Bulai in ESM support team

• The title implies that the document might offer tips or solutions to make using ESM logs more efficient, possibly discussing best practices or tools for better log management within the platform.

3. **ArcSight pricing, licensing and quoting Information** by Ofer Shezaf in ArcSight

• This could be a detailed guide or an informational piece that provides comprehensive information about how to handle pricing, licensing, and quoting issues specific to ArcSight, which is crucial for businesses managing security infrastructure.

4. **Syslog flexconnector for Huawei** by Jesus Prieto in FlexConnectors

• This document likely focuses on creating a Syslog FlexConnector specifically for Huawei devices or integrating these devices with the ESM platform using syslog technology.

These summaries are based on the titles and can serve as a guide to understanding the potential content of each document without providing full details about their contents. The document titled "ESM Content Synchronization Script - Installation and Usage Guide" was created by Kris Machnicki on December 8, 2014, and last modified by the same author on December 27, 2014. It is a user manual for David Matslofva's ESM synchronization script, which can be found natively at the URL provided in the document. The documentation serves as a guide to successfully deploy and implement the script for large enterprise customers. The document includes information on how to install and use the script, along with additional details that were updated in version 1.0 of the manual. It has been helpful to others who have repurposed it according to their needs. The content is tagged under various categories including ESM, Python, Scripting, Synchronization, and more. There are comments from users like Victor Pineiro and Ramesh Sankar expressing that they found this document useful after using the script for deployment purposes. The text is giving instructions on how to handle special characters, particularly the dot (.) character, in resource and group names. To avoid issues, it recommends avoiding dots in these names. If you must include a dot, modify the content_sync.py code as follows: Replace: ``` elif uri<1>

.find('.') == -1 and uri<1>

.find('==') == -1 and uri<1>

.startswith(get_uri_prefix(uri<2>

).strip('/')) == False: ``` With: ``` elif uri<1>

.find('Meta.Group') == -1 and uri<1>

.find('==') == -1 and uri<1>

.startswith(get_uri_prefix(uri<2>

).strip('/')) == False: ``` This change ensures that the specific string 'Meta.Group' is used to check for dots, avoiding potential issues with other characters or strings.