ArcSight ESM Image Viewer Tutorial P1.ppt
randoidzero
1 views
18 slides
Sep 16, 2025
Slide 1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
About This Presentation
Archsight enterprise
Slide Content
Using Visio 2003 to Create
ESM Image Viewer
Gary Freeman
ArcSight Geek
Canada
ESM Image Viewer
Gary Freeman
ArcSight Geek
Canada
Agenda
Visio For Power Users
Reference Material
Tutorial #1: Creating a Visio Image
for ESM
Tutorial #2: Using ESM Image
Editor
Visio For Power Users
Reference Material
Tutorial #1: Creating a Visio Image
for ESM
Tutorial #2: Using ESM Image
Editor
Visio For Power Users
Most Used Short-Cuts
Ctrl-S: Save!
Ctrl-D: Cloning
Ctrl-1: Pointer Tool
Ctrl-2: Text Tool
Ctrl-Shift-F: Bring To Front
Ctrl-Shift-B: Send To Back
Most Used Short-Cuts
Ctrl-S: Save!
Ctrl-D: Cloning
Ctrl-1: Pointer Tool
Ctrl-2: Text Tool
Ctrl-Shift-F: Bring To Front
Ctrl-Shift-B: Send To Back
Reference Material
Visio 2003 Quick Guide PDF
Stencils / Templates www.visiocafe.com
Visio Guy www.visguy.com
MS Visio Help Online
http://office.microsoft.com/en-us/visio/FX100649221033.aspx?CTT=96&Ori
gin=CL100636311033
Visio 2007 Viewer
http://www.microsoft.com/downloads/details.aspx?FamilyId=D88E4542-B1
74-4198-AE31-6884E9EDD524&displaylang=en
Visio 2003 / 2007 Feature Comparison
http://office.microsoft.com/en-us/visio/fx101759431033.aspx
VSDfx 3D Isometric Shapes
http://www.visiocafe.com/downloads/vsdfx/VSDfx-3D.zip
Tutorial #1 finished drawing
Visio 2003
QuickGuide
Device Monitor
Visio 2003 Quick Guide PDF
Stencils / Templates www.visiocafe.com
Visio Guy www.visguy.com
MS Visio Help Online
http://office.microsoft.com/en-us/visio/FX100649221033.aspx?CTT=96&Ori
gin=CL100636311033
Visio 2007 Viewer
http://www.microsoft.com/downloads/details.aspx?FamilyId=D88E4542-B1
74-4198-AE31-6884E9EDD524&displaylang=en
Visio 2003 / 2007 Feature Comparison
http://office.microsoft.com/en-us/visio/fx101759431033.aspx
VSDfx 3D Isometric Shapes
http://www.visiocafe.com/downloads/vsdfx/VSDfx-3D.zip
Tutorial #1 finished drawing
Visio 2003
QuickGuide
Device Monitor
Reference Material: Visio Shortcuts
Tutorial #1: Creating a Visio Image for ESM
Scope:
Create image from scratch for logical Device Category
monitor and import into ESM Image Editor
Tools:
Visio 2003
Difficulty:
Moderate
Skills Learned:
Shortcuts
Guides
Cloning
Fills
Exporting
Scope:
Create image from scratch for logical Device Category
monitor and import into ESM Image Editor
Tools:
Visio 2003
Difficulty:
Moderate
Skills Learned:
Shortcuts
Guides
Cloning
Fills
Exporting
Tutorial #1: Creating a Visio Image for ESM
1.Create a new drawing
with landscape
orientation and
metric units
2.Create a rectangle
254 mm x 130 mm
(approx) and select
“Shapes > Center
Drawing” and
“Shapes > Align” and
center horizontally /
vertically and choose
“Create guide
and glue shapes to it”
3.Select the shape and
select the “Fill Color”
tool and select Gray-
50%
1.Create a new drawing
with landscape
orientation and
metric units
2.Create a rectangle
254 mm x 130 mm
(approx) and select
“Shapes > Center
Drawing” and
“Shapes > Align” and
center horizontally /
vertically and choose
“Create guide
and glue shapes to it”
3.Select the shape and
select the “Fill Color”
tool and select Gray-
50%
Tutorial #1: Creating a Visio Image for ESM
4.Create a smaller 242
mm wide x 10 mm high
rectangle shape on the
grid above the existing
rectangle
5.Right-mouse click and
select “Format > Fill”
and select the Pattern
drop-down and select
“30:” (ramp up) and
Pattern Color “16:” and
click Ok
6.Double click on the new
box and type “Device
Categories” and change
the font size to 14
7.Move the box down so
it becomes the header
for the larger rectangle.
4.Create a smaller 242
mm wide x 10 mm high
rectangle shape on the
grid above the existing
rectangle
5.Right-mouse click and
select “Format > Fill”
and select the Pattern
drop-down and select
“30:” (ramp up) and
Pattern Color “16:” and
click Ok
6.Double click on the new
box and type “Device
Categories” and change
the font size to 14
7.Move the box down so
it becomes the header
for the larger rectangle.
Tutorial #1: Creating a Visio Image for ESM
8.Select heading object and
press Ctrl-D to duplicate
it
9.Resize the new cloned
object to 115mm x 48mm
and place in upper left
quadrant of the drawing
10.Now select the object and
right-mouse click and
select “Format > Text” and
then change the “Text
Block” alignment to “Top”
and click Ok.
11.Double-click on the new
object and change the
text to “Security Devices”
12.Duplicate the new object
three more times and
change the text to
“Network Devices”,
“Operating Systems” and
“Applications”
13.Create additional guides
to align the shapes and
the spacing between the
shapes
8.Select heading object and
press Ctrl-D to duplicate
it
9.Resize the new cloned
object to 115mm x 48mm
and place in upper left
quadrant of the drawing
10.Now select the object and
right-mouse click and
select “Format > Text” and
then change the “Text
Block” alignment to “Top”
and click Ok.
11.Double-click on the new
object and change the
text to “Security Devices”
12.Duplicate the new object
three more times and
change the text to
“Network Devices”,
“Operating Systems” and
“Applications”
13.Create additional guides
to align the shapes and
the spacing between the
shapes
Tutorial #1: Creating a Visio Image for ESM
14.Add additional boxes
inside each of the device
quadrants and add
ramped fills (lighter gray
than outside box with
ramp in opposite
direction).
15.Use either the default
Visio stencils or the VSDfx
stencils (link above) to
add icons relative to the
device categories.
16.Select all of objects (Ctrl-
A) and then group them
(Ctrl-Shift-G) and save the
drawing.
17.Finally, export the
drawing as a JPG by
selecting “Save As” and
clicking the drop-down
for “Save as type” and
select “JPG File
Interchange Format
(JPG)”, click Save.
18.In the save dialog adjust
“Quality” to 100% and
select “Resolution >
Custom” and change
from 96x96 pixels to
110x110.
19.Click Ok.
14.Add additional boxes
inside each of the device
quadrants and add
ramped fills (lighter gray
than outside box with
ramp in opposite
direction).
15.Use either the default
Visio stencils or the VSDfx
stencils (link above) to
add icons relative to the
device categories.
16.Select all of objects (Ctrl-
A) and then group them
(Ctrl-Shift-G) and save the
drawing.
17.Finally, export the
drawing as a JPG by
selecting “Save As” and
clicking the drop-down
for “Save as type” and
select “JPG File
Interchange Format
(JPG)”, click Save.
18.In the save dialog adjust
“Quality” to 100% and
select “Resolution >
Custom” and change
from 96x96 pixels to
110x110.
19.Click Ok.
Tutorial #2: Using ESM Image Editor
Overview
Enable Image Editor in console by editing .ast file
Start Image Editor and Import image
Associate chart objects with filters
Save and run Image Viewer
What’s not covered:
Creation of the filters used by the image viewer
Overview
Enable Image Editor in console by editing .ast file
Start Image Editor and Import image
Associate chart objects with filters
Save and run Image Viewer
What’s not covered:
Creation of the filters used by the image viewer
Tutorial #2: Using ESM Image Editor
1.Close any instance of the
ArcSight Console.
2.Locate the file ARCSIGHT_HOME\
Console\Current\admin.ast (or
whatever username is being
used to access ESM) where the
ArcSight Console is installed and
open the file in a text editor and
add the following line (and then
save):
console.ui.imageEditor=true
3.Start the console and login with
the “admin” user and click on the
Views file menu option and
select Image Editor. You will
now have access to the image
editor with an empty palette.
4.Click on the “Magnetic Grid” icon
and select “Activated and Visible”,
change grid spacing to “10” and
select ‘Display Lines” and click Ok
(the dialog will not go away and
you’ll have to close it manually).
1.Close any instance of the
ArcSight Console.
2.Locate the file ARCSIGHT_HOME\
Console\Current\admin.ast (or
whatever username is being
used to access ESM) where the
ArcSight Console is installed and
open the file in a text editor and
add the following line (and then
save):
console.ui.imageEditor=true
3.Start the console and login with
the “admin” user and click on the
Views file menu option and
select Image Editor. You will
now have access to the image
editor with an empty palette.
4.Click on the “Magnetic Grid” icon
and select “Activated and Visible”,
change grid spacing to “10” and
select ‘Display Lines” and click Ok
(the dialog will not go away and
you’ll have to close it manually).
Tutorial #2: Using ESM Image Editor
4.Within the Image Editor, select the
New Image Entry icon on the top of
the left-hand tool list and click
anywhere on the palette to bring up
the open file dialog and select the
image you saved in the first tutorial.
4.Within the Image Editor, select the
New Image Entry icon on the top of
the left-hand tool list and click
anywhere on the palette to bring up
the open file dialog and select the
image you saved in the first tutorial.
Tutorial #2: Using ESM Image Editor
5.Next, click the vertical bar chart object on the toolbar and click the
area within the “Security Devices” quadrant. A dialogue will be
displayed requiring input. Enter the following details:
Node Name: SecurityDevices
Node Label: SecurityDevices
Assoc. Filter: (I created one that uses Express Firewall, VPN and AV
filters)
Drill Down: Grid Table
Viewer Name:
SecurityDevices
Viewer Params:
(auto-populated)
6.Click Ok.
7.Once saved the chart
object will have to be
adjusted manually
using the anchors
to be centered and
sized correctly within
the drawing quadrant.
Use the magnetic grid
to assist in placing.
5.Next, click the vertical bar chart object on the toolbar and click the
area within the “Security Devices” quadrant. A dialogue will be
displayed requiring input. Enter the following details:
Node Name: SecurityDevices
Node Label: SecurityDevices
Assoc. Filter: (I created one that uses Express Firewall, VPN and AV
filters)
Drill Down: Grid Table
Viewer Name:
SecurityDevices
Viewer Params:
(auto-populated)
6.Click Ok.
7.Once saved the chart
object will have to be
adjusted manually
using the anchors
to be centered and
sized correctly within
the drawing quadrant.
Use the magnetic grid
to assist in placing.
Tutorial #2: Using ESM Image Editor
8.Once you have created the first object, select the chart and click on
the Copy and then the Paste toolbar icons. A copy will be pasted that
will have reverted to the default chart size. Use the first chart object
you have formatted as a reference and manually resize the pasted
object (the Image Editor does not have any guides or sizing tools
apart from selecting the anchors).
9.Once you have copied and pasted the remaining
three chart objects, right click on each and select
“Properties” and rename all of the Nodes Names, Node Labels and
Viewer Names with the names of each device type. Select the correct
filters for each type. When you are done the properties for each chart
object will be:
Copy Paste
8.Once you have created the first object, select the chart and click on
the Copy and then the Paste toolbar icons. A copy will be pasted that
will have reverted to the default chart size. Use the first chart object
you have formatted as a reference and manually resize the pasted
object (the Image Editor does not have any guides or sizing tools
apart from selecting the anchors).
9.Once you have copied and pasted the remaining
three chart objects, right click on each and select
“Properties” and rename all of the Nodes Names, Node Labels and
Viewer Names with the names of each device type. Select the correct
filters for each type. When you are done the properties for each chart
object will be:
Copy Paste
Tutorial #2: Using ESM Image Editor
10.Now the Image Viewer is complete. Save it by clicking the Save icon on
the toolbar and when prompted name the ArcSight Image Viewer
“DeviceMonitor” and select “Default Viewer” and “Ok”.
11.Next, start the Replay Agent and start
sending demo events to ESM. Open the
“Live” channel and select the “Select Channel
Viewer Type: icon on the bottom right corner
of the channel window and select “Image
Viewer > DeviceMonitor” to display the new
image.
10.Now the Image Viewer is complete. Save it by clicking the Save icon on
the toolbar and when prompted name the ArcSight Image Viewer
“DeviceMonitor” and select “Default Viewer” and “Ok”.
11.Next, start the Replay Agent and start
sending demo events to ESM. Open the
“Live” channel and select the “Select Channel
Viewer Type: icon on the bottom right corner
of the channel window and select “Image
Viewer > DeviceMonitor” to display the new
image.
Tutorial #2: Finished Product
Disclaimer:
The content provided in this instructional presentation is not supported as official ArcSight
training material and is not supported by ArcSight. Moreover, the content is intended to familiarize
the audience with advanced features that are usually performed by ArcSight Professional Services.
If the content you have created as a result of this tutorial does not work or causes unexpected
results ArcSight is in no way liable as this instructional content was provided as is and is not official
ArcSight ratified content.
Caveats:
While the ArcSight ESM Image Viewer is aesthetically pleasing as a custom dashboard, special
consideration must be used in planning the number of chart objects and filters used in the
creation of this project since the 4.x version of ArcSight ESM uses a separate Active Channel to
populate the chart objects. As an example, if you have a global map depicting chart objects for 15
different countries, you are essentially opening 15 consecutive Active Channels to populate the
objects on the map.
Finally:
Gary Freeman is the sole creator of this content and does not represent ArcSight with this content
nor does this content reflect the views or best practices of ArcSight, Inc. Should you have any
questions or concerns please contact [email protected]. However, please note, this content
is provided “as is” and I can not guarantee the effectiveness of the material nor be held
accountable for any mishaps resulting in damages, service interruptions, outages or any other
synonym for “unexpected loss of service”.
www.arcsight.com © 2009 ArcSight Confidential 18
The content provided in this instructional presentation is not supported as official ArcSight
training material and is not supported by ArcSight. Moreover, the content is intended to familiarize
the audience with advanced features that are usually performed by ArcSight Professional Services.
If the content you have created as a result of this tutorial does not work or causes unexpected
results ArcSight is in no way liable as this instructional content was provided as is and is not official
ArcSight ratified content.
Caveats:
While the ArcSight ESM Image Viewer is aesthetically pleasing as a custom dashboard, special
consideration must be used in planning the number of chart objects and filters used in the
creation of this project since the 4.x version of ArcSight ESM uses a separate Active Channel to
populate the chart objects. As an example, if you have a global map depicting chart objects for 15
different countries, you are essentially opening 15 consecutive Active Channels to populate the
objects on the map.
Finally:
Gary Freeman is the sole creator of this content and does not represent ArcSight with this content
nor does this content reflect the views or best practices of ArcSight, Inc. Should you have any
questions or concerns please contact [email protected]. However, please note, this content
is provided “as is” and I can not guarantee the effectiveness of the material nor be held
accountable for any mishaps resulting in damages, service interruptions, outages or any other
synonym for “unexpected loss of service”.
www.arcsight.com © 2009 ArcSight Confidential 18
Tags
Categories
TechnologyDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 1
- Slides 18
- Age 75 days
Related Slideshows
11
8-top-ai-courses-for-customer-support-representatives-in-2025.pptx
JeroenErne2
44 views
10
7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx
JeroenErne2
44 views
13
25-essential-ai-courses-for-user-support-specialists-in-2025.pptx
JeroenErne2
36 views
11
8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx
JeroenErne2
33 views
21
Know for Certain
DaveSinNM
19 views
17
PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx
novasedanayoga46
23 views