Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Vectra Networks Vectra

The JSA DSM for Vectra Networks Vectra collects events from the Vectra Networks Vectra X-Series platform.

The following table describes the specifications for the Vectra Networks Vectra DSM:

Table 1: Vectra Networks Vectra DSM Specifications

Specification

Value

Manufacturer

Vectra Networks

DSM name

Vectra Networks Vectra

RPM file name

DSM-VectraNetworksVectra-JSA_version-build_number.noarch.rpm

Supported versions

2.2

Protocol

Syslog

Event Format

Common Event Format (CEF). CEF:0 is supported.

Recorded event types

Host scoring, command and control, botnet activity, reconnaissance, lateral movement, exfiltration

Automatically discovered?

Yes

Includes identity?

No

Includes custom properties?

No

More information

Vectra Networks Website (http://www.vectranetworks.com)

To integrate Vectra Networks Vectra with JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs from the Juniper Downloads onto your JSA Console in the order that they are listed:

    • DSMCommon RPM

    • Vectra Networks Vectra DSM RPM

  2. Configure your Vectra Networks Vectra device to send syslog events to JSA.

  3. If JSA does not automatically detect the log source, add a Vectra Networks Vectra log source on the JSA Console. The following table describes the parameters that require specific values for Vectra Networks Vectra event collection:

    Table 2: Vectra Networks Vectra Log Source Parameters

    Parameter

    Value

    Log Source type

    Vectra Networks Vectra

    Protocol Configuration

    Syslog

    Log Source Identifier

    A unique identifier for the log source.