Is there any detailed document about how to migrate from RSA enVision to RSA Security Analytics?
If you search in the envision community you will find content and references for this....Like this entry:
How to Transition from RSA enVision to RSA Security Analytics
You can use this link to view the SA device guides for configuration. > https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources/03_Supported_Event_Sources
Envision also had what was called Zconnector that took all logs hitting envision and pushed them to SA via syslog on port TCP 514.
Thanks David! That's very helpful.
Thanks Matthew! That's very helpful.
We have migrated from envision to SA so I can tell you that you will not get any detailed document on migration anywhere, So you have to go by taking support from RSA and for the logs and all you can use Z connector and IPDB extractor as per the requirement.
In terms of device integration: For syslog services you just have to change the destination on the server and start the syslog services but for the other devices you have to integrate the devices so you can follow https://sadocs.emc.com/0_en-us/300_RSA_ContentAndResources/03_Supported_Event_Sources
Thanks Mohd! That's very helpful.
Thanks all your input guys. That's very helpful.
Retrieving data ...