I wanted to share this and see if there are any reasons that this is working........
I have a win2008 r2 server with winrm configured. Security events are being collected via the Vista collector using winrm listening on port 5985 http etc.
I decided to use the ...
Greetings all from the heart of the 2012 Olympics ;-)
Is there a way of restricting,limiting or configuring the number of concurrent connections to the ssim server by SSIM clients ?
A report produced from an invironment I'm working on states;
The remote service encrypts ...
I have a Syslog Server SLES, that is setup to forward events from a number of network devices to a SSIM (4.7.4).
All the documentation around Syslog/Director etc states that it can be configured to recieve events via tcp....
typical is -> 514 from device, ...
The communication port from Agent to SSIM is 443 (Agent -> SSIM). The communication from SSIM to Agent is 5998 (SSIM -> Agent)
The SSIM sends a CIMON Packet via 5998 telling the Agent that there is a new configuration file ready, the Agent then ...
I'm deploying a SSIM 4.7.4 into a locked down Zone. The Hyper-Visor is ESXi 4.0 (Certified to required Standard so no upgrade).
The pre requistes are met.
The install starts and then returns this error:
passwd: Authentication Token manipulation ...
I'm looking for clarification around SSIM's abaility around syslog protocols.
Can SSIM's Syslog collectors and syslog director handle new and emerging syslog protocols such as TLS & RELP.
I'm trying to confirm that events sent via TLS to a SSIM ...
Firstly, I'd like some clarity on 32 bit or 64 bit Virtual instance of a single SSIM deployment.
All documentaion states that its a Red Hat linux 32 bit build. However, does the support include 64 bit ?. My understanding is that unless it has 64 bit support, anything ...
Does the Symantec Event Collector 4.4 for Microsoft Vista and Microsoft Windows Server 2008, ONBOX collector, have a limit to the number of Windows Servers it can revieve events from per SSIM ?