This topic provides information on how to add the Event Stream Analysis (ESA) service on a host.
Ensure that you have installed an ESA service and added the host in Security Analytics. For more information, see Step 1: Add or Update a Host in the Getting Started Guide.
To add the Event Stream Analysis service:
In the Security Analytics menu, select Administration > Services.
The services view is displayed.
The Add Service dialog is displayed.
Provide the following details.
Field Description Host Select the host on which you want to install the ESA service. Name Type a name for the service. Port Default port is 50030.
Note: ESA can be configured using the SSL port 50030 only. You cannot configure a Non-SSL port.
Entitle Service Select if you want to apply the entitlements currently configured to this service.
Click Test Connection to determine if Security Analytics connects to the service.
Note: While adding the service, Security Analytics sends ICMP packets to the service to verify if the hostname/IP address entered is valid for successful test connection.
When the result is successful, click Save.
The added service is now displayed in the Services panel.
Note: If the test is unsuccessful, edit the service information and retry.