Symantec™ Event Collectors Integration Guide for Symantec Security Information Manager 4.7

Article:DOC2645  |  Created: 2010-08-10  |  Updated: 2010-08-18  |  Article URL http://www.symantec.com/docs/DOC2645
Article Type
Documentation


Description



Contents

The Symantec Event Collectors Integration Guide includes information that is common amongst most collectors. For information for a particular collector, see the Quick Reference for that collector.

  • 1. Introducing Symantec Event Collectors
    • About the Symantec Event Collectors Integration Guide
    • About Symantec Event Collectors and Symantec Security Information Manager
    • About Universal Event Collectors
    • Major components of Information Manager and collectors
    • Where to find more information about Information Manager
    • Accessing Help for the console
  • 2. Installing Symantec Event Collectors
    • Before you install collectors
      • Requirements for point products and the collectors
      • Updating the hosts file on a computer that hosts collectors
    • Installation and configuration tasks for collectors
    • Registering Collectors
    • Installing the collector on a remote computer
    • Installing collectors on an Information Manager server
    • Verifying Symantec Event Agent and collector installation
    • Installing queries on Information Manager
  • 3. Configuring point products
    • About configuring the point product to work with the collector
  • 4. Configuring collectors
    • Creating collector configurations and configuring sensors
    • Creating a new collector configuration
    • Configuring the collector sensor to receive security events
    • Adding, renaming, deleting, and disabling sensors
    • Importing and exporting sensor properties
    • Globally updating sensor properties
    • About sensor properties for common sensor types
      • Sensor properties for the DB sensor
      • Sensor properties for the LogFile sensor
      • Sensor properties for the LotusNotesDB sensor
      • Sensor properties for the OpsecLea sensor
      • Sensor properties for the SNMP sensor
      • Sensor properties for the SysLog sensor
      • Sensor properties for the SyslogFile sensor
      • Sensor properties for the Windows EventLog sensor
      • Sensor properties for the WS-Management sensor
    • Configuring collector raw event logging
    • Verifying collector configuration
  • 5. Configuring collectors for event filtering and aggregation
    • Configuring event filtering
    • Configuring event aggregation
  • 6. Configuring Syslog Director
    • About Syslog Director 4.3
    • Configuring Syslog Director with syslog collectors
  • 7. LiveUpdate for collectors
    • Running LiveUpdate for collectors
  • A. About installing collectors that use a database sensor
    • Installing collectors that use a database sensor
    • Setting the SQL Server security mode to mixed authentication
    • Downloading database drivers
    • Transferring database drivers to an Information Manager server
    • Installing database drivers on a remote computer
    • Creating read-only database users
      • Creating a read-only database user account for Microsoft SQL Server
      • Creating a read-only database user account for MySQL
      • Creating a read-only database user for Oracle
      • Creating a read-only database user account for IBM DB2
    • Importing sensor settings
    • Configuring the SQL Server instance to listen on a non-dynamic port
    • Configuring an SSL connection for the Microsoft SQL Server 2005 JDBC driver 1.2
  • B. About collector configurations
    • Collector configuration scenarios
      • Scenario 1 - One-for-All configuration
      • Scenario 2 - One-to-Many configuration
      • Scenario 3 - One-to-One configuration
      • Scenario 4 - One-per-Type configuration
  • C. Uninstalling collectors
    • Uninstalling the collector and its components
    • Unregistering the collector
    • Uninstalling the collector component
  • D. Configuring many sensors for collectors
    • Configuring many sensors for collectors
      • Sensor property names for common sensor types

Attachments

SEC_Integration_Guide_SSIM_47.pdf (1.4 MBytes)

Legacy ID



GenericGuide_Generic_47


Article URL http://www.symantec.com/docs/DOC2645


Terms of use for this information are found in Legal Notices