This guide tells you how to configure Log Collection after you have deployed it (that is, after you set up Local and Remote Collectors).
This guide tells you:
- What Log Collection does, how it works from a high level, and provides high-level deployment diagrams.
- How to start collecting events.
- Where to find instructions to set up more complex deployments.
- How to start, pause, and stop any collection protocol.
- What the structure of the Log Collection Configuration User Interface is.
- Which tools to use to troubleshoot Log Collection issues and lists global troubleshooting instructions.
- How to fine tune and customize Log Collection in your environment.
This guide does not tell you how to:
- Get started by creating the basic, minimum deployment and configuration. This information is in the Log Collection Getting Started Guide.
- Deploy Log Collection in multiple locations with high availability and load balancing. This information is in the Log Collection Deployment Guide.
Configure individual collection protocols. Instructions are in the individual Log Collection Guides:
- AWS (CloudTrail) Collection Configuration Guide
- Check Point Collection Configuration Guide
- File Collection Protocol Configuration Guide
- Netflow Collection Configuration Guide
- ODBC Collection Configuration Guide
- SDEE Collection Configuration Guide
- SNMP Collection Configuration Guide
- VMware Collection Configuration Guide
- Windows Collection Configuration Guide
- Windows Legacy and NetApp Collection Configuration Guide
Configuration Guides for each supported event source.
See the Event Source Configuration Guide space on RSA Link for these guides.