This guide tells you how to configure the SDEE Collection protocol, which collects events from Intrusion Detection System (IDS) and Intrusion Prevention Service (IPS) messages.
The following figure illustrates how you deploy the SDEE Collection Protocol in Security Analytics.
Configure SDEE Collection Protocol in Security Analytics
You configure the Log Collector to use SDEE collection for an event source in the Event Source tab of the Log Collector parameter view. The following figure shows the basic workflow for configuring an event source for SDEE Collection in Security Analytics. Please refer to:
- Step 1. Configure SDEE Event Sources in Security Analytics for step-by-step instructions on how to configure event sources in Security Analytics that use the SDEE Collection protocol.
- Reference - SDEE Event Source Configuration Parameters for a detailed description of each SDEE Collection Protocol parameter.
The event source category is part of the content you downloaded from LIVE.
Configure Event Sources to Use SDEE Collection Protocol
You need to configure each event source that uses the SDEE Collection protocol to communicate with Security Analytics (see Step 2. Configure SDEE Event Sources to Send Events to Security Analytics).