Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Command Center for Security 6.2.

Integrating plug-ins and adapters

The following table lists the BMC Defender plug-ins and adapters that you can use to enhance the functionality of your system.

You can access the complete set of documentation for BMC Defender plug-ins and adapters from the BMC Defender Plug-ins and Adapters documentation.

Category

Adapter or plug-in

Purpose

Security


 

BMC Defender AD Group Mapping plug-in

Assigns access or a role to a BMC Defender operator based on the operator's Active Directory permissions

(SPE2401)

With version 6.2 SPE2401, the BMC Defender Active Directory (AD) Group Mapping plug-in is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: Authentication by using Active Directory Group Mapping 
BMC Defender SIEM Correlation Server: Authentication by using Active Directory Group Mapping

(Deprecated with version 6.2) Logs into the server by using Microsoft Active Directory Federation Services (ADFS) single sign-on components

(Deprecated with version 6.0.02) Adds HTTPS support to the BMC Defender Server web interface using OpenSSL TLS cipher suites, and adds message encryption between the server and its agent

Sites that require verifiable and published cryptographic algorithms need this adapter.  

Monitoring data sources

Transmits entire files (via syslog) to a receiving program

Discovers devices and network service ports, and obtains system baselines for asset management, change management, and general security

(Deprecated with version 6.2) Monitors Microsoft Office 365 Cloud App Security service using Microsoft embedded functions

Monitors device states using ICMP ping messages

Monitors SNMP MIB objects

BMC Defender SNMP Trap Monitor adapter

Monitors standard SNMP traps

(SPE2401)

With version 6.2 SPE2401, the BMC Defender SNMP Trap Monitor adapter is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: SNMP Trap Monitor 
BMC Defender SIEM Correlation Server: SNMP Trap Monitor

Monitors changes or additions to relational database tables

Monitoring messages and processes

BMC Defender Association Monitor plug-in

Tracks relationships in message data, such as user locations or relationships between processes associated with managed devices

This plug-in can help by:

  • Detecting anomalies
  • Analyzing user or entity behavior
  • Organizing message data to assist in forensics and analysis

(SPE2401)

With version 6.2 SPE2401, the BMC Defender Association Monitor plug-in is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: Using Association Monitor 
BMC Defender SIEM Correlation Server: Using Association Monitor

BMC Defender GDPR plug-in

Uses a General Data Protection Regulation (GDPR) Score Card to help organize SIEM data and achieve and monitor GDPR compliance

(SPE2401)

With version 6.2 SPE2401, the BMC Defender GDPR plug-in is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: GDPR score card report 
BMC Defender SIEM Correlation Server: GDPR score card report

Synchronizes the configuration of a backup and failover server with the configuration of a master BMC Defender Server site

BMC Defender MT Correlation Processor adapter

Permits parallel processing of threads to extend the number of threads that can be used on a system, without increasing delays or decreasing performance

(SPE2404)

With version 6.2 SPE2404, the BMC Defender MT Correlation Processor adapter is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: Multi-thread correlation processing 
BMC Defender SIEM Correlation Server: Multi-thread correlation processing

Tracks user logins or other sessions that are delimited by start and stop messages, such as login and logout messages

Sends emails whenever a thread logs a message 

BMC Defender Thread Forwarder adapter

Forwards thread messages with optional formatting to a third-party syslog server

(SPE2404)

With version 6.2 SPE2404, the BMC Defender Thread Forwarder adapter is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: Forwarding correlation thread messages 
BMC Defender SIEM Correlation Server: Forwarding correlation thread messages

Reporting

BMC Defender Excel Report plug-in

Through Excel reports containing server information, graphically depicts message data by type, including messages, top devices, keyword count, and tailored reports for specific applications

(SPE2401)

With version 6.2 SPE2401, the BMC Defender Excel Report plug-in is included with the BMC Defender Server installation. For more information, see one of the following topics:

BMC AMI Command Center for Security: Generating an excel report 
BMC Defender SIEM Correlation Server: Generating an excel report

Configures reports that contain information to support file integrity monitoring

BMC Defender Parse Audit Report plug-in

Configures reports that contain information from a thread, parsed into fields for readability

(SPE2310)

With version 6.2 SPE2310, parse reports are included with BMC Defender Server installation. For more information, see one of the following topics:

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*