ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Using the ArcSight SIEM agent


Article ID: 172178


Updated On:


CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package


Delivering CloudSOC logs with the ArcSight SIEM agent.
Sometimes not all logs are delivered after a command. 


  1. Log on to CloudSOC.
  2. Navigate to the Knowledge Base web page.
  3. Click the 'API' option.
  4. Locate the Knowledge Base article titled: Delivering CloudSOC Logs with the SIEM Agent.
  5. Click on the Knowledge Base article to download it.
  6. Follow the directions as outlined.


The export will only pull a certain number of records before it stops.
If you suspect there are more logs, run the command again.
Repeat until all the logs are delivered.