Hi all,
I need information about the logs collection for CCS.
From my previous logged cases with Symantec, I understand that the logs are retrieved from the CSM_DB database.
For the location of logs, please tell me which table of the database that these logs can be retrieved.
In my company's project, we will be using a HP SmartConnector to retrieve these logs from the database and send them to a centralized log management server for analysis and correlation.
These are the logs which i need to extract and retreive:
Security logs: Authentication, Configuration changes, Audit logs
>>> (Login/logout, who logged on/ date/time of event)
Application logs: Generated from application and services we are
>>> running (e.g start-up, shutdown events, running of jobs, error logs)
>>> System logs: logs generated by the system (e.g. OS, etc)
To my current understanding, the logs may be retrieved from the database or the windows event viewer. For the database, i understand that it may come from the CSM_DB or CSM_Reports database, under the table dbo.ChangeLogEntries. However, when i tried running a data collection job, it does not get reflected immediately in the CSM_DB or CSM_Reports database. Can anyone help me with this?
Thanks all in advance!