How to setup the Generic Syslog Event Collector
|Article:TECH90814|||||Created: 2008-01-11|||||Updated: 2010-01-02|||||Article URL http://www.symantec.com/docs/TECH90814|
How to setup the Generic Syslog Event Collector.
The Generic Syslog Event collector is intended as a catchall collector for syslog events that may not be addressed by a specific product collector. It is also used as a troubleshooting tool for the Syslog Director.
To configure the Generic Syslog Event Collector, follow these steps:
- Log into the SSIM Client console.
- In the left pane, click System.
- In the right pane, click Product Configuration.
- Right-click the Generic Syslog Event Collector.
- Click New.
The Create a new Configuration Wizard will appear.
- Click Next.
Give the configuration a Name, then click Next.
- Click Add.
The Find Computers window will appear.
- Select the SSIM appliance then click Add.
- Click Next, then Finish.
Now that the configuration is created, verify the sensor settings.
- Click on the new configuration you just created.
- Click the SysLog Sensor tab.
- Check the box next to Sensor 0 to activate the sensor.
- Leave the port number at 10518.
- Click Save.
- Right click the configuration and click Distribute.
- Click Yes to confirm.
For more information see this document.
Article URL http://www.symantec.com/docs/TECH90814