Manualshelf

User`s guide

ManualsBrandsVMware ManualsOtherVCLOUD REQUEST MANAGER 1.0.0
30313233343536373839
Technical white paper
31
Zones
High value assets can be grouped into Zones. A Zone is based on a range of IP Addresses which can be used as a filter to
search and view log activity.
Figure 35. ArcSight ESM Manager Zones
Grouping of machines by zones allows the ArcSight administrator to monitor the high value assets; we have grouped the
CloudSystem Enterprise server nodes in the Zone named CloudSystem Enterprise.
Figure 36. Zone Properties
Queries
Queries can be created and executed against the ArcSight ESM data; a query is created and then executed by the query
viewer. We’ll use our failed logon example to demonstrate how to create and execute a query.
Launch the New Query pane and provide a Name for your query, in Figure 37 we’ve used Failed Login as the name for our
query. Next we’ll select the Fields tab to configure the fields that will be returned by the Query.