The Symantec Event Collectors Integration Guide includes information that is common amongst most collectors. For information for a particular collector, see the Quick Reference for that collector.

• 1. Introducing Symantec Event Collectors
  • About the Symantec Event Collectors Integration Guide
  • About Symantec Event Collectors and Symantec Security Information Manager
  • About Universal Event Collectors
  • Major components of Information Manager and collectors
  • Where to find more information about Information Manager
  • Accessing Help for the console
• 2. Installing Symantec Event Collectors
  • Before you install collectors
    • Requirements for point products and the collectors
    • Updating the hosts file on a computer that hosts collectors
  • Installation and configuration tasks for collectors
  • Registering Collectors
  • Installing the collector on a remote computer
  • Installing collectors on an Information Manager server
  • Verifying Symantec Event Agent and collector installation
  • Installing queries on Information Manager
• 3. Configuring point products
  • About configuring the point product to work with the collector
• 4. Configuring collectors
  • Creating collector configurations and configuring sensors
  • Creating a new collector configuration
  • Configuring the collector sensor to receive security events
  • Adding, renaming, deleting, and disabling sensors
  • Importing and exporting sensor properties
  • Globally updating sensor properties
  • About sensor properties for common sensor types
    • Sensor properties for the DB sensor
    • Sensor properties for the LogFile sensor
    • Sensor properties for the LotusNotesDB sensor
    • Sensor properties for the OpsecLea sensor
    • Sensor properties for the SNMP sensor
    • Sensor properties for the SysLog sensor
    • Sensor properties for the SyslogFile sensor
    • Sensor properties for the Windows EventLog sensor
    • Sensor properties for the WS-Management sensor
  • Configuring collector raw event logging
  • Verifying collector configuration
• 5. Configuring collectors for event filtering and aggregation
  • Configuring event filtering
  • Configuring event aggregation
• 6. Configuring Syslog Director
  • About Syslog Director 4.3
  • Configuring Syslog Director with syslog collectors
• 7. LiveUpdate for collectors
  • Running LiveUpdate for collectors
• A. About installing collectors that use a database sensor
  • Installing collectors that use a database sensor
  • Setting the SQL Server security mode to mixed authentication
  • Downloading database drivers
  • Transferring database drivers to an Information Manager server
  • Installing database drivers on a remote computer
  • Creating read-only database users
    • Creating a read-only database user account for Microsoft SQL Server
    • Creating a read-only database user account for MySQL
    • Creating a read-only database user for Oracle
    • Creating a read-only database user account for IBM DB2
  • Importing sensor settings
  • Configuring the SQL Server instance to listen on a non-dynamic port
  • Configuring an SSL connection for the Microsoft SQL Server 2005 JDBC driver 1.2
• B. About collector configurations
  • Collector configuration scenarios
    • Scenario 1 - One-for-All configuration
    • Scenario 2 - One-to-Many configuration
    • Scenario 3 - One-to-One configuration
    • Scenario 4 - One-per-Type configuration
• C. Uninstalling collectors
  • Uninstalling the collector and its components
  • Unregistering the collector
  • Uninstalling the collector component
• D. Configuring many sensors for collectors
  • Configuring many sensors for collectors
    • Sensor property names for common sensor types