Log Collection: Log Collection Service System View Interface

Document created by RSA Information Design and Development on Jul 29, 2016
Version 1Show Document
  • View in full screen mode
 

A Log Collector is a service that runs on a Log Decoder host (referred to as a Local Collector) or sends events from a Remote Collector to a Local Collector, and is configured and managed in a similar way to a Log Decoder. Therefore, most of the information in this section refers to Decoders in general. Differences for Log Collectors are noted.

Log Collector View

To display this view:

  1. In the Security Analytics menu, select Administration > Services.

    The Administration services view is displayed.

  2. Click the checkbox next to a Log Collector, and select View > System.

    DevSysViewLC.PNG

Service Info Toolbar

DevSysViewLCTB.PNG

The Service Info toolbar shares many options with the Service System view toolbar. The following table describes the options which are unique to the Service Info toolbar.

               
ActionDescription
Collection

Displays a list of the collection protocols and gives you the options:

  • Start - start collecting event data from a stopped protocol.
  • Stop - stop collecting event data from a started protocol.
  • Pause -  pause the collection of event data from a started protocol.

Please refer to Step 5: Start Collection Services and Enable Automatic Start for more instructions.

See Also 

The Services System View topic in the Hosts and Services Getting Started Guide

You are here: Log Collection Getting Started Guide > Reference - Configuration Parameters Interface > Log Collection: Log Collection Service System View Interface

Attachments

    Outcomes