Log Collection Config: Test Event Source Connections in Bulk

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 

You can use the bulk export option to export the event source details of your current set up and store it. This data can be imported in bulk when you face a problem with your current set up and require the event source data you had.

You can use the bulk edit feature when you have multiple event sources that need a specific modification. You can select all the sources and apply the edit option across them at a time and avoid applying the change one by one.

After completing this procedure, you will have...

  • Imported event sources in bulk.
  • Exported event sources in bulk.
  • Edited event sources in bulk.

Return to Procedures

Procedure

To test multiple event source connections at once:

  1. In the Security Analytics menu, select Administration >Services.
  2. In the Services grid, select a Log Collector service.
  3. Click AdvcdExpandBtn.PNGunder Actions and select View > Config.
  4. Select the Event Sources tab, select Plugins, ODBC, and Windows (the other protocol do not have a bulk test connection function).
  5. Select one or more:
  • sources from the Sources panel for Plugins or ODBC
  • hosts from Hosts panel for Windows

    The Test Connection button is enabled.

LC_Config_Test_Hosts.png

  1. Click  testConnection.PNG.
    The Bulk Test Connections dialog is displayed showing the current status of the test for each source. The status can be waiting, testing, passed or failed.
    If you choose to close the testing before it is completed, the testing stops and the Bulk Test Connections dialog closes.
    After the testing is complete, the results are displayed  in the Bulk Test Connections dialog.

    BulkTestConnection_Result.png-0000.png

Parameters

References - AWS (CloudTrail) Collection Configuration Parameters

References - ODBC Collection Configuration Parameters

References - Windows Collection Configuration Parameters

Attachments

    Outcomes