Log Collection File: Step 2: Configure File Event Sources to Send Events to Security Analytics

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 

The list of RSA Supported Event Sources is an alphabetized of all the event sources currently supported by Security Analytics that identifies which event sources you can use with File Collection.

Return to Procedures

To verify that the event sources are correctly configured:

SupportedES.png

  1. Find the name of the event source.
  2. Verify that it is supported by File Collection Protocol.
  3. Click on yellow-book.png to display the configuration instructions for the event source.
  4. Verify that you downloaded the correct parser (for example, apache) from LIVE to the Log Decoder and enabled it.

Sample Configuration Instructions

The following illustration is taken from the Apache HTTP Server configuration instructions.

sampleConfigInstr.PNG

You are here: File Collection Protocol Configuration Guide > Procedures > Log Collection File: Step 2: Configure File Event Sources to Send Events to Security Analytics

Attachments

    Outcomes